Jump to content
Froxlor Forum

Question

Posted

Hallo,

nachdem ich meinen Froxlor-Server neu aufgesetzt habe, habe ich nun ein anderes komisches Problem.

Ich habe die Konfigurationsschritte vollständig durchgeführt - sicherheitshalber auch zuerst "automatisch" durchführen lassen und danach noch einmal verifiziert.

Lege ich nun einen Kunden an (http://test.computer-stube.com), verweist dies auf den Root des Servers.
Schaue ich in die vHost-Datei, steht dort folgendes:

# 29_froxlor_normal_vhost_test.computer-stube.com.conf
# Created 07.02.2020 16:55
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 3 - CustomerID: 2 - CustomerLogin: test
<VirtualHost 178.63.105.174:80>
  ServerName test.computer-stube.com
  ServerAlias *.test.computer-stube.com
  ServerAdmin Michael.Gross@mgw94.de
  DocumentRoot "/var/customers/webs/test/"
  FcgidIdleTimeout 30
  SuexecUserGroup "test" "test"
  <Directory "/var/customers/webs/test/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/test/test.computer-stube.com/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  LogLevel warn
  ErrorLog "/var/customers/logs/test-error.log"
  CustomLog "/var/customers/logs/test-access.log" combined
</VirtualHost>
# 29_froxlor_ssl_vhost_test.computer-stube.com.conf
# Created 07.02.2020 17:26
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 3 (SSL) - CustomerID: 2 - CustomerLogin: test
<VirtualHost 178.63.105.174:443>
  ServerName test.computer-stube.com
  ServerAlias *.test.computer-stube.com
  ServerAdmin Michael.Gross@mgw94.de
  SSLEngine On
  SSLProtocol -ALL +TLSv1 +TLSv1.2
  SSLCompression Off
  SSLHonorCipherOrder off
  SSLCipherSuite ECDH+AESGCM:ECDH+AES256:!aNULL:!MD5:!DSS:!DH:!AES128
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/certs/apache.crt
  SSLCertificateKeyFile /etc/ssl/private/apache.key
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=0"
  </IfModule>
  DocumentRoot "/var/customers/webs/test/"
  FcgidIdleTimeout 30
  SuexecUserGroup "test" "test"
  <Directory "/var/customers/webs/test/">
    <FilesMatch "\.(php)$">
      SetHandler fcgid-script
      FcgidWrapper /var/www/php-fcgi-scripts/test/test.computer-stube.com/php-fcgi-starter .php
      Options +ExecCGI
    </FilesMatch>
    Require all granted
    AllowOverride All
  </Directory>
  LogLevel warn
  ErrorLog "/var/customers/logs/test-error.log"
  CustomLog "/var/customers/logs/test-access.log" combined
</VirtualHost>

Also an sich ist die richtige Konfiguration hinterlegt.

Im Cron ist folgendes konfiguriert:

image.thumb.png.23011181a2c8dee61d4f137dbb876c7f.png

# automatically generated cron-configuration by froxlor
# do not manually edit this file as it will be re-generated periodically.
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
#
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --tasks 1> /dev/null
0 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --traffic 1> /dev/null
5 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --usage_report 1> /dev/null
0 */6 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --mailboxsize 1> /dev/null
*/5 * * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --letsencrypt 1> /dev/null
10 0 * * * root /usr/bin/nice -n 5 /usr/bin/php -q /var/www/froxlor/scripts/froxlor_master_cronjob.php --backup 1> /dev/null

Auch das manuelle Ausführen mittels "

php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force

bringt bei mir leider keinen Erfolg.

Die Ausgabe vom debug ist wie folgt:

root@lx001:/etc/apache2/sites-enabled# php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] No new certificates or certificates due for renewal found
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:80
[notice] 178.63.105.174:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 178.63.105.174:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:443
[debug] 178.63.105.174:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 3, customer test
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 1 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 1 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid

 

Ich fühle mich gerade echt dämlich, kann ja eigentlich nicht so schwer sein, da es eigentlich ja alles nur "Copy+Paste" ist

Das Endverzeichnis wurde jedoch korrekt angelegt:

root@lx001:/var/customers/webs# ls
test
root@lx001:/var/customers/webs# cd test
root@lx001:/var/customers/webs/test# ls
index.html  webalizer

Ich habe zusätzlich zur "Standardkonfiguration" noch libnss-extrausers und FCGID  eingerichtet, da ich ältere PHP Versionen benötige.

Grüße

Michael

10 answers to this question

Recommended Posts

  • 0
Posted

Das Problem ist gelöst.

Es ist immer gut mit Profis zu schreiben, meißtens denkt man dann noch mal richtig nach und merkt auch, wie dämlich man doch sein kann 😁

Problem war eine falsche Übersetzung auf meiner Firewall - ich habe nun über MySQL die IP-Adressen von Froxlor auf meine privaten Adressen angepasst und auf der Firewall eine Port-Redirection eingerichtet - somit hört der "Froxlor-Server" nun auf die privaten Adressen und die Firewall übersetzt die Kommunikation von "außen" auf die privaten Adressen.

Ich wünsche euch zusammen noch einen schönen Abend 🐨

  • 0
Posted

Ich habe einmal eine neue Domäne angelegt und den Debug-Befehl ausgeführt - vielleicht hilft das bei der Fehleranalyse mehr:

root@lx001:~# php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] No new certificates or certificates due for renewal found
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:80
[notice] 178.63.105.174:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 178.63.105.174:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:443
[debug] 178.63.105.174:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 3, customer test
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 1 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 1 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid
root@lx001:~# cd /var/www
root@lx001:/var/www# ls
froxlor  html  php-fcgi-scripts  webalizer
root@lx001:/var/www# nano index.html
root@lx001:/var/www# php /var/www/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting/renewing Let's Encrypt certificates
[information] Creating certificate for computer-stube.de
[information] Adding SAN entry: computer-stube.de
[information] Adding SAN entry: www.computer-stube.de
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Fri Feb  7 17:18:05 CET 2020] Already uptodate!
[Fri Feb  7 17:18:05 CET 2020] Upgrade success!
[Fri Feb  7 17:18:05 CET 2020] Removing cron job
[Fri Feb  7 17:18:05 CET 2020] Lets find script dir.
[Fri Feb  7 17:18:05 CET 2020] _SCRIPT_='/root/.acme.sh/acme.sh'
[Fri Feb  7 17:18:05 CET 2020] _script='/root/.acme.sh/acme.sh'
[Fri Feb  7 17:18:05 CET 2020] _script_home='/root/.acme.sh'
[Fri Feb  7 17:18:05 CET 2020] Using default home:/root/.acme.sh
[Fri Feb  7 17:18:05 CET 2020] Using config home:/root/.acme.sh
[Fri Feb  7 17:18:05 CET 2020] Using server: https://acme-v02.api.letsencrypt.org/directory
[Fri Feb  7 17:18:05 CET 2020] Running cmd: issue
[Fri Feb  7 17:18:05 CET 2020] _main_domain='computer-stube.de'
[Fri Feb  7 17:18:05 CET 2020] _alt_domains='www.computer-stube.de'
[Fri Feb  7 17:18:05 CET 2020] Using config home:/root/.acme.sh
[Fri Feb  7 17:18:05 CET 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri Feb  7 17:18:05 CET 2020] DOMAIN_PATH='/root/.acme.sh/computer-stube.de'
[Fri Feb  7 17:18:05 CET 2020] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Fri Feb  7 17:18:05 CET 2020] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Fri Feb  7 17:18:05 CET 2020] GET
[Fri Feb  7 17:18:05 CET 2020] url='https://acme-v02.api.letsencrypt.org/directory'
[Fri Feb  7 17:18:05 CET 2020] timeout=
[Fri Feb  7 17:18:05 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:06 CET 2020] ret='0'
[Fri Feb  7 17:18:06 CET 2020] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_AUTHZ
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Fri Feb  7 17:18:06 CET 2020] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Fri Feb  7 17:18:06 CET 2020] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Fri Feb  7 17:18:06 CET 2020] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Fri Feb  7 17:18:06 CET 2020] ACME_VERSION='2'
[Fri Feb  7 17:18:06 CET 2020] _on_before_issue
[Fri Feb  7 17:18:06 CET 2020] _chk_main_domain='computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] _chk_alt_domains='www.computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] Le_LocalAddress
[Fri Feb  7 17:18:06 CET 2020] d='computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] Check for domain='computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:06 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] Check for domain='www.computer-stube.de'
[Fri Feb  7 17:18:06 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:06 CET 2020] d
[Fri Feb  7 17:18:06 CET 2020] _saved_account_key_hash is not changed, skip register account.
[Fri Feb  7 17:18:06 CET 2020] Read key length:
[Fri Feb  7 17:18:06 CET 2020] Using config home:/root/.acme.sh
[Fri Feb  7 17:18:06 CET 2020] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri Feb  7 17:18:06 CET 2020] Use length 4096
[Fri Feb  7 17:18:06 CET 2020] Using RSA: 4096
[Fri Feb  7 17:18:07 CET 2020] _createcsr
[Fri Feb  7 17:18:07 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:07 CET 2020] d
[Fri Feb  7 17:18:07 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri Feb  7 17:18:07 CET 2020] payload='{"identifiers": [{"type":"dns","value":"computer-stube.de"},{"type":"dns","value":"www.computer-stube.de"}]}'
[Fri Feb  7 17:18:07 CET 2020] RSA key
[Fri Feb  7 17:18:07 CET 2020] HEAD
[Fri Feb  7 17:18:07 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Fri Feb  7 17:18:07 CET 2020] _WGET='wget -q --content-on-error  --read-timeout=3.0  --tries=2  '
[Fri Feb  7 17:18:08 CET 2020] Using sed  -i
[Fri Feb  7 17:18:08 CET 2020] _ret='0'
[Fri Feb  7 17:18:08 CET 2020] POST
[Fri Feb  7 17:18:08 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri Feb  7 17:18:08 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:09 CET 2020] Using sed  -i
[Fri Feb  7 17:18:09 CET 2020] _ret='0'
[Fri Feb  7 17:18:09 CET 2020] code='201'
[Fri Feb  7 17:18:09 CET 2020] Le_LinkOrder='https://acme-v02.api.letsencrypt.org/acme/order/77610573/2261819785'
[Fri Feb  7 17:18:09 CET 2020] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785'
[Fri Feb  7 17:18:09 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764387'
[Fri Feb  7 17:18:09 CET 2020] payload
[Fri Feb  7 17:18:09 CET 2020] POST
[Fri Feb  7 17:18:09 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764387'
[Fri Feb  7 17:18:09 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:09 CET 2020] Using sed  -i
[Fri Feb  7 17:18:09 CET 2020] _ret='0'
[Fri Feb  7 17:18:09 CET 2020] code='200'
[Fri Feb  7 17:18:09 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764389'
[Fri Feb  7 17:18:09 CET 2020] payload
[Fri Feb  7 17:18:09 CET 2020] POST
[Fri Feb  7 17:18:09 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/authz-v3/2692764389'
[Fri Feb  7 17:18:09 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:10 CET 2020] Using sed  -i
[Fri Feb  7 17:18:10 CET 2020] _ret='0'
[Fri Feb  7 17:18:10 CET 2020] code='200'
[Fri Feb  7 17:18:10 CET 2020] d='computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] _w='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] entry='"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg","token":"3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko","validationRecord":[{"url":"http://computer-stube.de/.well-known/acme-challenge/3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko","hostname":"computer-stube.de","port":"80","addressesResolved":["104.18.36.68","104.18.37.68","2606:4700:3035::6812:2544","2606:4700:3034::6812:2444"],"addressUsed":"2606:4700:3035::6812:2544"'
[Fri Feb  7 17:18:10 CET 2020] token='3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko'
[Fri Feb  7 17:18:10 CET 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg'
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='3W2LUJnIybfVIpQeWDua70Lto5ak2p80jPYAMgza4ko.OKvTGZCiYXFMR5VOs2lUQQWSWWjs4FdZcenBpZW-fns'
[Fri Feb  7 17:18:10 CET 2020] computer-stube.de is already verified.
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='verified_ok'
[Fri Feb  7 17:18:10 CET 2020] dvlist='computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg#http-01#/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] _w='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] _currentRoot='/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] entry='"type":"http-01","status":"valid","url":"https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ","token":"1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs","validationRecord":[{"url":"http://www.computer-stube.de/.well-known/acme-challenge/1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs","hostname":"www.computer-stube.de","port":"80","addressesResolved":["104.18.36.68","104.18.37.68","2606:4700:3034::6812:2444","2606:4700:3035::6812:2544"],"addressUsed":"2606:4700:3034::6812:2444"'
[Fri Feb  7 17:18:10 CET 2020] token='1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs'
[Fri Feb  7 17:18:10 CET 2020] uri='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ'
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='1vnWiDkopHNzbyQRFHRCNpOoU82g9CO6_apEMZY92Bs.OKvTGZCiYXFMR5VOs2lUQQWSWWjs4FdZcenBpZW-fns'
[Fri Feb  7 17:18:10 CET 2020] www.computer-stube.de is already verified.
[Fri Feb  7 17:18:10 CET 2020] keyauthorization='verified_ok'
[Fri Feb  7 17:18:10 CET 2020] dvlist='www.computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ#http-01#/var/www/froxlor'
[Fri Feb  7 17:18:10 CET 2020] d
[Fri Feb  7 17:18:10 CET 2020] vlist='computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764387/Zr4vJg#http-01#/var/www/froxlor,www.computer-stube.de#verified_ok#https://acme-v02.api.letsencrypt.org/acme/chall-v3/2692764389/zXYeOQ#http-01#/var/www/froxlor,'
[Fri Feb  7 17:18:10 CET 2020] d='computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] d='www.computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] www.computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] ok, let's start to verify
[Fri Feb  7 17:18:10 CET 2020] pid
[Fri Feb  7 17:18:10 CET 2020] No need to restore nginx, skip.
[Fri Feb  7 17:18:10 CET 2020] _clearupdns
[Fri Feb  7 17:18:10 CET 2020] dns_entries
[Fri Feb  7 17:18:10 CET 2020] skip dns.
[Fri Feb  7 17:18:10 CET 2020] i='2'
[Fri Feb  7 17:18:10 CET 2020] j='27'
[Fri Feb  7 17:18:10 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785'
[Fri Feb  7 17:18:10 CET 2020] payload='{"csr": "MIIEtDCCApwCAQAwHDEaMBgGA1UEAwwRY29tcHV0ZXItc3R1YmUuZGUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnGgR1w64yp0FCkPf70WHyC1QZfUO07abg-lMLOTNda-zHiq78W4sICc5tBOyvMMwZXIGStwP-AGTxXmJz0uszafZ1EDVR554fiCE2DTFG4L9sfJ4vUPmn1xesxQ66VJJKQxqxXsZqWJ4WK9T21yCP6CfkKqSTAf-EeAEbmD7UQ8wp-VnZXDJ-xmfgx5MviKUKSzjl6f-GB3hQJHHCGM66tTO4pkuKtvBig9Rz-20DQQRyB3DTnrA5h2mT6tyn-igvehbB0-k7lXAUmMIqf5AiDLAy_ebDJgGQtxlY5ammQlJfs4KWR2HF8HxCCSiYojtUrBGfS3R6T1n0IlYHkyiGEZGFeuYiqjoF5tRtHebN-bFr4E2kTF1_-IG9tc9XlzO97g8eF6VLkQlKj3fpWXjYoHP1ZsIM8fsYHb4KbuzbCjMVd4-AAdZAXa9nSTVK_wizHBWZStLwdX4SgAM6ewlvD3D2tdzkCFggKewivipOeJ6h9zLqK6h13sGqQ8QMBE3LMiw_EFANdf6x6I2PUhU4plnYmBxQDz19nJy5fMYj2IOF6HaAC2rf42GPRYRnN6I57mocs0Hll2yndJ5sUMyYWPHtSNBd0FGFBVb3mpQtDuwvOibzosJu0WBfRmcDrxFEQ7W8jm1MQeARKl7MUSc-uM2GURsjZdLE6s5SXfxBywIDAQABoFMwUQYJKoZIhvcNAQkOMUQwQjALBgNVHQ8EBAMCBeAwMwYDVR0RBCwwKoIRY29tcHV0ZXItc3R1YmUuZGWCFXd3dy5jb21wdXRlci1zdHViZS5kZTANBgkqhkiG9w0BAQsFAAOCAgEALVZTJhn12fQ-Vw1sHcaVnPju4oZ3iIi2EhQBJC60EMXTF2e6V7rsv6_BpXnxj9w8A2tlXwVeiOUCBUGx2QxZnZ2YcPJfHY0aLlIeogLPRnhz6CnBvqR4rjtItSjn9YyJCbR8Q_hLuS9KeqY9lp8JwcaK29cN7pd1cd_snpTGjZ-7hJOyUfYJBUAwFa-zU1rwsZBQV8G4DIwwkQktBvIVRBe86UmreEwo7_TH09AJaZhoQ4I0QWJ4pTUGwWkBqZGq3ROSVK60VelcU2nkZCNM138GP_NZTPS0dEE4Kw9Refjn-tt5qoHWLQpIkV8XDmsF6heNHM1kc1b1Rh_N1kAF2j_A4qTNh3V8O4PFMuX3r9tPCtKOs5TrmzDvFoyHP46r5k_hchl-YwMXBI_N5b6jdXkTfLzDgyXYMYvD2pXxwwpQhVBojPWkmEdq6IORfLAGvu8sLykU1ZyyDfiE5UFrP6jfo4nLK9Pa0Oo_RnQt-tzavUh2Ye5X0xck6-KPIZsVZIR5FdgdZ6772oHi4_3XeBVdBsJ_vBc6hhMbyYSqBIXhtlX_UvFAPwtrWnbv-XevUM2859OQeIKwYPUOrnfo_KqPX-B1wm17sGACXL1QV0BiwYOl0-BF5FYFi3MgxV3BFUpJ0vav_rXcNZX8MfXNORtvuyajiiBz0xqxLeYurVA"}'
[Fri Feb  7 17:18:10 CET 2020] POST
[Fri Feb  7 17:18:10 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785'
[Fri Feb  7 17:18:10 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:11 CET 2020] Using sed  -i
[Fri Feb  7 17:18:11 CET 2020] _ret='0'
[Fri Feb  7 17:18:11 CET 2020] code='200'
[Fri Feb  7 17:18:11 CET 2020] Order status is valid.
[Fri Feb  7 17:18:11 CET 2020] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:11 CET 2020] url='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:11 CET 2020] payload
[Fri Feb  7 17:18:11 CET 2020] POST
[Fri Feb  7 17:18:11 CET 2020] _post_url='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:11 CET 2020] _WGET='wget -q --content-on-error '
[Fri Feb  7 17:18:12 CET 2020] Using sed  -i
[Fri Feb  7 17:18:12 CET 2020] _ret='0'
[Fri Feb  7 17:18:12 CET 2020] code='200'
[Fri Feb  7 17:18:12 CET 2020] Found cert chain
[Fri Feb  7 17:18:12 CET 2020] _end_n='37'
[Fri Feb  7 17:18:12 CET 2020] Le_LinkCert='https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e'
[Fri Feb  7 17:18:12 CET 2020] v2 chain.
[Fri Feb  7 17:18:12 CET 2020] _on_issue_success
[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri Feb  7 17:18:06 CET 2020] Creating domain key
[Fri Feb  7 17:18:07 CET 2020] The domain key is here: /root/.acme.sh/computer-stube.de/computer-stube.de.key
[Fri Feb  7 17:18:07 CET 2020] Multi domain='DNS:computer-stube.de,DNS:www.computer-stube.de'
[Fri Feb  7 17:18:07 CET 2020] Getting domain auth token for each domain
[Fri Feb  7 17:18:10 CET 2020] Getting webroot for domain='computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] Getting webroot for domain='www.computer-stube.de'
[Fri Feb  7 17:18:10 CET 2020] computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] www.computer-stube.de is already verified, skip http-01.
[Fri Feb  7 17:18:10 CET 2020] Verify finished, start to sign.
[Fri Feb  7 17:18:10 CET 2020] Lets finalize the order, Le_OrderFinalize: https://acme-v02.api.letsencrypt.org/acme/finalize/77610573/2261819785
[Fri Feb  7 17:18:11 CET 2020] Download cert, Le_LinkCert: https://acme-v02.api.letsencrypt.org/acme/cert/0307705f632b0d380143bd0930557dd5769e
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:07:70:5f:63:2b:0d:38:01:43:bd:09:30:55:7d:d5:76:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
        Validity
            Not Before: Feb  7 15:18:11 2020 GMT
            Not After : May  7 15:18:11 2020 GMT
        Subject: CN = computer-stube.de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:a7:1a:04:75:c3:ae:32:a7:41:42:90:f7:fb:d1:
                    61:f2:0b:54:19:7d:43:b4:ed:a6:e0:fa:53:0b:39:
                    33:5d:6b:ec:c7:8a:ae:fc:5b:8b:08:09:ce:6d:04:
                    ec:af:30:cc:19:5c:81:92:b7:03:fe:00:64:f1:5e:
                    62:73:d2:eb:33:69:f6:75:10:35:51:e7:9e:1f:88:
                    21:36:0d:31:46:e0:bf:6c:7c:9e:2f:50:f9:a7:d7:
                    17:ac:c5:0e:ba:54:92:4a:43:1a:b1:5e:c6:6a:58:
                    9e:16:2b:d4:f6:d7:20:8f:e8:27:e4:2a:a4:93:01:
                    ff:84:78:01:1b:98:3e:d4:43:cc:29:f9:59:d9:5c:
                    32:7e:c6:67:e0:c7:93:2f:88:a5:0a:4b:38:e5:e9:
                    ff:86:07:78:50:24:71:c2:18:ce:ba:b5:33:b8:a6:
                    4b:8a:b6:f0:62:83:d4:73:fb:6d:03:41:04:72:07:
                    70:d3:9e:b0:39:87:69:93:ea:dc:a7:fa:28:2f:7a:
                    16:c1:d3:e9:3b:95:70:14:98:c2:2a:7f:90:22:0c:
                    b0:32:fd:e6:c3:26:01:90:b7:19:58:e5:a9:a6:42:
                    52:5f:b3:82:96:47:61:c5:f0:7c:42:09:28:98:a2:
                    3b:54:ac:11:9f:4b:74:7a:4f:59:f4:22:56:07:93:
                    28:86:11:91:85:7a:e6:22:aa:3a:05:e6:d4:6d:1d:
                    e6:cd:f9:b1:6b:e0:4d:a4:4c:5d:7f:f8:81:bd:b5:
                    cf:57:97:33:bd:ee:0f:1e:17:a5:4b:91:09:4a:8f:
                    77:e9:59:78:d8:a0:73:f5:66:c2:0c:f1:fb:18:1d:
                    be:0a:6e:ec:db:0a:33:15:77:8f:80:01:d6:40:5d:
                    af:67:49:35:4a:ff:08:b3:1c:15:99:4a:d2:f0:75:
                    7e:12:80:03:3a:7b:09:6f:0f:70:f6:b5:dc:e4:08:
                    58:20:29:ec:22:be:2a:4e:78:9e:a1:f7:32:ea:2b:
                    a8:75:de:c1:aa:43:c4:0c:04:4d:cb:32:2c:3f:10:
                    50:0d:75:fe:b1:e8:8d:8f:52:15:38:a6:59:d8:98:
                    1c:50:0f:3d:7d:9c:9c:b9:7c:c6:23:d8:83:85:e8:
                    76:80:0b:6a:df:e3:61:8f:45:84:67:37:a2:39:ee:
                    6a:1c:b3:41:e5:97:6c:a7:74:9e:6c:50:cc:98:58:
                    f1:ed:48:d0:5d:d0:51:85:05:56:f7:9a:94:2d:0e:
                    ec:2f:3a:26:f3:a2:c2:6e:d1:60:5f:46:67:03:af:
                    11:44:43:b5:bc:8e:6d:4c:41:e0:11:2a:5e:cc:51:
                    27:3e:b8:cd:86:51:1b:23:65:d2:c4:ea:ce:52:5d:
                    fc:41:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier:
                FC:3D:0E:91:21:0E:56:A4:92:B2:C9:8A:1A:8C:60:A0:72:D6:76:1B
            X509v3 Authority Key Identifier:
                keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1

            Authority Information Access:
                OCSP - URI:http://ocsp.int-x3.letsencrypt.org
                CA Issuers - URI:http://cert.int-x3.letsencrypt.org/

            X509v3 Subject Alternative Name:
                DNS:computer-stube.de, DNS:www.computer-stube.de
            X509v3 Certificate Policies:
                Policy: 2.23.140.1.2.1
                Policy: 1.3.6.1.4.1.44947.1.1.1
                  CPS: http://cps.letsencrypt.org

            CT Precertificate SCTs:
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 5E:A7:73:F9:DF:56:C0:E7:B5:36:48:7D:D0:49:E0:32:
                                7A:91:9A:0C:84:A1:12:12:84:18:75:96:81:71:45:58
                    Timestamp : Feb  7 16:18:11.609 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9B:62:8C:0B:A1:94:D0:B0:0B:1F:AF:
                                C5:7D:ED:01:7B:27:29:42:FD:02:5A:83:F4:E5:F7:9E:
                                0A:21:E4:F9:D2:02:20:3D:27:82:76:65:35:27:67:84:
                                44:A1:8F:BA:FC:C8:F4:A4:B8:C5:58:2F:7C:AA:3A:52:
                                EC:53:3B:C9:2C:86:F6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : B2:1E:05:CC:8B:A2:CD:8A:20:4E:87:66:F9:2B:B9:8A:
                                25:20:67:6B:DA:FA:70:E7:B2:49:53:2D:EF:8B:90:5E
                    Timestamp : Feb  7 16:18:11.579 2020 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:C9:AC:90:37:78:78:07:EA:57:44:70:
                                B2:56:A5:51:4F:B5:FE:0B:3D:3E:D6:39:83:70:EB:3F:
                                D7:B8:FF:F0:BF:02:20:3F:BB:27:BD:1D:3C:AA:5F:58:
                                D2:39:4F:49:EE:94:90:34:88:47:A5:8F:7D:DB:07:CB:
                                D6:D8:52:5D:20:17:D5
    Signature Algorithm: sha256WithRSAEncryption
         32:12:b1:ef:43:c1:b2:1f:f1:36:9b:96:7d:34:24:1b:f9:cf:
         df:a7:6d:8c:22:17:67:1b:a2:3c:f9:79:1a:a8:cc:a7:a8:cf:
         01:e0:72:9c:1c:16:2b:b0:fc:bd:45:86:0f:fe:57:47:e8:2d:
         a1:c9:d6:78:a6:b6:fe:fb:00:31:e7:3f:21:f5:79:6f:e3:88:
         17:6a:04:eb:1a:38:8c:65:9f:4a:6d:ab:e0:17:04:c5:92:97:
         bd:82:cb:31:71:35:e4:c4:69:78:e1:65:f8:35:cb:20:91:c4:
         e5:e6:ce:64:ba:5e:17:b7:60:9a:89:0d:41:c2:03:3f:d0:40:
         2a:d4:33:51:85:f4:d9:bc:25:bc:39:63:fb:5d:f9:c7:86:20:
         ec:8c:9e:2a:57:aa:8e:81:1a:71:99:44:c7:0d:2e:5c:12:b6:
         c8:ec:48:ef:20:68:91:0e:0c:ad:8e:a1:45:db:d5:54:98:1b:
         84:da:25:cf:9c:9e:e4:38:a6:f3:b9:09:61:21:5c:83:84:dc:
         94:b7:59:67:62:e3:f3:37:49:63:f4:24:2f:a9:0c:71:e5:1f:
         ec:97:1d:c9:0c:ad:6c:7b:59:54:7f:45:fa:cb:38:81:28:ba:
         05:e5:7d:32:fd:42:4b:ed:5e:fc:f4:5c:c3:41:36:a3:c0:9f:
         69:3a:00:59
[Fri Feb  7 17:18:12 CET 2020] Cert success.
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAwdwX2MrDTgBQ70JMFV91XaeMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0yMDAyMDcxNTE4MTFaFw0y
MDA1MDcxNTE4MTFaMBwxGjAYBgNVBAMTEWNvbXB1dGVyLXN0dWJlLmRlMIICIjAN
BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApxoEdcOuMqdBQpD3+9Fh8gtUGX1D
tO2m4PpTCzkzXWvsx4qu/FuLCAnObQTsrzDMGVyBkrcD/gBk8V5ic9LrM2n2dRA1
UeeeH4ghNg0xRuC/bHyeL1D5p9cXrMUOulSSSkMasV7GalieFivU9tcgj+gn5Cqk
kwH/hHgBG5g+1EPMKflZ2VwyfsZn4MeTL4ilCks45en/hgd4UCRxwhjOurUzuKZL
irbwYoPUc/ttA0EEcgdw056wOYdpk+rcp/ooL3oWwdPpO5VwFJjCKn+QIgywMv3m
wyYBkLcZWOWppkJSX7OClkdhxfB8QgkomKI7VKwRn0t0ek9Z9CJWB5MohhGRhXrm
Iqo6BebUbR3mzfmxa+BNpExdf/iBvbXPV5czve4PHhelS5EJSo936Vl42KBz9WbC
DPH7GB2+Cm7s2wozFXePgAHWQF2vZ0k1Sv8IsxwVmUrS8HV+EoADOnsJbw9w9rXc
5AhYICnsIr4qTnieofcy6iuodd7BqkPEDARNyzIsPxBQDXX+seiNj1IVOKZZ2Jgc
UA89fZycuXzGI9iDheh2gAtq3+Nhj0WEZzeiOe5qHLNB5Zdsp3SebFDMmFjx7UjQ
XdBRhQVW95qULQ7sLzom86LCbtFgX0ZnA68RREO1vI5tTEHgESpezFEnPrjNhlEb
I2XSxOrOUl38QcsCAwEAAaOCAn0wggJ5MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
/D0OkSEOVqSSssmKGoxgoHLWdhswHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl
7/Oo7KEwbwYIKwYBBQUHAQEEYzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5p
bnQteDMubGV0c2VuY3J5cHQub3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5p
bnQteDMubGV0c2VuY3J5cHQub3JnLzAzBgNVHREELDAqghFjb21wdXRlci1zdHVi
ZS5kZYIVd3d3LmNvbXB1dGVyLXN0dWJlLmRlMEwGA1UdIARFMEMwCAYGZ4EMAQIB
MDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMubGV0c2Vu
Y3J5cHQub3JnMIIBBAYKKwYBBAHWeQIEAgSB9QSB8gDwAHYAXqdz+d9WwOe1Nkh9
0EngMnqRmgyEoRIShBh1loFxRVgAAAFwIHHEGQAABAMARzBFAiEAm2KMC6GU0LAL
H6/Ffe0BeycpQv0CWoP05feeCiHk+dICID0ngnZlNSdnhEShj7r8yPSkuMVYL3yq
OlLsUzvJLIb2AHYAsh4FzIuizYogTodm+Su5iiUgZ2va+nDnsklTLe+LkF4AAAFw
IHHD+wAABAMARzBFAiEAyayQN3h4B+pXRHCyVqVRT7X+Cz0+1jmDcOs/17j/8L8C
ID+7J70dPKpfWNI5T0nulJA0iEelj33bB8vW2FJdIBfVMA0GCSqGSIb3DQEBCwUA
A4IBAQAyErHvQ8GyH/E2m5Z9NCQb+c/fp22MIhdnG6I8+XkaqMynqM8B4HKcHBYr
sPy9RYYP/ldH6C2hydZ4prb++wAx5z8h9Xlv44gXagTrGjiMZZ9KbavgFwTFkpe9
gssxcTXkxGl44WX4NcsgkcTl5s5kul4Xt2CaiQ1BwgM/0EAq1DNRhfTZvCW8OWP7
XfnHhiDsjJ4qV6qOgRpxmUTHDS5cErbI7EjvIGiRDgytjqFF29VUmBuE2iXPnJ7k
OKbzuQlhIVyDhNyUt1lnYuPzN0lj9CQvqQxx5R/slx3JDK1se1lUf0X6yziBKLoF
5X0y/UJL7V789FzDQTajwJ9pOgBZ
-----END CERTIFICATE-----
[Fri Feb  7 17:18:12 CET 2020] Your cert is in  /root/.acme.sh/computer-stube.de/computer-stube.de.cer
[Fri Feb  7 17:18:12 CET 2020] Your cert key is in  /root/.acme.sh/computer-stube.de/computer-stube.de.key
[Fri Feb  7 17:18:12 CET 2020] The intermediate CA cert is in  /root/.acme.sh/computer-stube.de/ca.cer
[Fri Feb  7 17:18:12 CET 2020] And the full chain certs is there:  /root/.acme.sh/computer-stube.de/fullchain.cer
[information] Updated Let's Encrypt certificate for computer-stube.de
[information] Let's Encrypt certificates have been updated
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:80
[notice] 178.63.105.174:80 :: namevirtualhost-statement no longer needed for apache-2.4
[debug] 178.63.105.174:80 :: inserted vhostcontainer
[information] apache::createIpPort: creating ip/port settings for  178.63.105.174:443
[debug] 178.63.105.174:443 :: inserted vhostcontainer
[information] apache::createVirtualHosts: creating vhost container for domain 4, customer test
[information] apache::createVirtualHosts: creating vhost container for domain 3, customer test
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] apache::writeConfigs: rebuilding /etc/apache2/htpasswd/
[information] apache::writeConfigs: rebuilding /etc/apache2/sites-enabled/
[information] Froxlor\Cron\Http\ApacheFcgi::reload: reloading Froxlor\Cron\Http\ApacheFcgi
[notice] Creating passwd file
[notice] Writing 1 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 1 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid

 

Was mir nun noch aufgefallen ist:

image.thumb.png.37090bc4326214746469764b349e36df.png

Diese beiden Verzeichnisse gibt es bei mir nicht.

  • 0
Posted

Was bedeutet für dich denn "zeigt auf root"? Also die vhosts sehen korrekt aus. Wenn du jetzt die domain aufrufst landest du also nicht in dem Kundenordner sondern auf /var/www/? 

Was ich dir jetzt schon sagen kann, computer-stube.de zeigt laut nameserver auf 104.18.37.68 und 104.18.36.68, so wie 2606:4700:3034::6812:2444 und 2606:4700:3035::6812:2544 aber offenbar in keinem fall auf 178.63.105.174 - da wird auch schon dein problem liegen. Die domain test.computer-stube.de allerdings zeigt tatsächlich auf die 178.63.105.174; wie du da jetzt für "computer-stube.de" von Let's Encrypt ein Zertifikat bekommen konntest ist mir ein Rätsel. Hört dein Server ggfls auf all diese IPs???

  • 0
Posted

Hi d00p,

ich nutze Cloudflare als DNS Server - diesbezüglich versteckt dieser auch meine tatsächliche IP Adresse unter Anderem hinter der 104.18. ....

Der Seitenaufruf verweist immer auf das Admin-Login-Fenster (/var/www/froxlor/) - das wollte ich mit "root" aussagen 😄

Grüße

Michael

  • 0
Posted

joa, und warum ist dann die 104.18. usw. nicht in froxlor eingetragen? Webserver bekommt gesagt: gib ma vhost für domain xyz auf 104.18.x.x und der webserver sacht: kenn ich nicht und zeigt den erstbesten vhost an den er kennt - ergo "root" :)

  • 0
Posted

Hi,

wo hat es denn gehackt?
Ich versuche auch einem ähnlichen Problem auf die Schliche zu kommen.

Die 35_...conf werden angelegt aber der Apache ignoriert den Inhalt irgendwie...

Zum Vergleich: diese Domain leitet mich direkt zur Froxlor Oberfläche (Php-fpm, froxlor VHost direkt erreichbar, ...)

# 35_froxlor_ssl_vhost_www2.domain.at.conf
# Created 20.02.2020 15:47
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 6 (SSL) - CustomerID: 2 - CustomerLogin: domain
<VirtualHost 178.Z.X.Y:443>
  ServerName www2.domain.at
  ServerAdmin info@domain.at
  SSLEngine On
  SSLProtocol -ALL +TLSv1.2
  Protocols h2 http/1.1
  SSLCompression Off
  SSLSessionTickets on
  SSLHonorCipherOrder off
  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/froxlor-custom/www2.domain.at.crt
  SSLCertificateKeyFile /etc/ssl/froxlor-custom/www2.domain.at.key
  SSLCACertificateFile /etc/ssl/froxlor-custom/www2.domain.at_CA.pem
  SSLCertificateChainFile /etc/ssl/froxlor-custom/www2.domain.at_chain.pem
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=0"
  </IfModule>
  DocumentRoot "/var/customers/webs/domain/www2.domain.at/"
  <FilesMatch \.(php)$>
  SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-domain-www2.domain.at-php-fpm.socket|fcgi://localhost
  </FilesMatch>
  <Directory "/var/customers/webs/domain/www2.domain.at/">
    Require all granted
    AllowOverride All
  </Directory>
  Alias /webalizer "/var/customers/webs/domain/webalizer/www2.domain.at"
  LogLevel debug
  ErrorLog "/var/customers/logs/domain-www2.domain.at-error.log"
  CustomLog "/var/customers/logs/domain-www2.domain.at-access.log" combined
</VirtualHost>

Diese bringt mich zum Ziel:

# 35_froxlor_ssl_vhost_1.domain2.com.conf
# Created 20.02.2020 15:47
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

# Domain ID: 2 (SSL) - CustomerID: 1 - CustomerLogin: domain2
<VirtualHost 178.Z.X.Y:443>
  ServerName 1.domain2.com
  ServerAdmin domain2.name@icloud.com
  SSLEngine On
  SSLProtocol -ALL +TLSv1.2
  Protocols h2 http/1.1
  SSLCompression Off
  SSLSessionTickets on
  SSLHonorCipherOrder off
  SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
  SSLVerifyDepth 10
  SSLCertificateFile /etc/ssl/froxlor-custom/1.domain2.com.crt
  SSLCertificateKeyFile /etc/ssl/froxlor-custom/1.domain2.com.key
  SSLCACertificateFile /etc/ssl/froxlor-custom/1.domain2.com_CA.pem
  SSLCertificateChainFile /etc/ssl/froxlor-custom/1.domain2.com_chain.pem
  <IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=0"
  </IfModule>
  DocumentRoot "/var/customers/webs/domain2/1.domain2.com/"
  <FilesMatch \.(php)$>
  SetHandler proxy:unix:/var/lib/apache2/fastcgi/1-domain2-1.domain2.com-php-fpm.socket|fcgi://localhost
  </FilesMatch>
  <Directory "/var/customers/webs/domain2/1.domain2.com/">
    Require all granted
    AllowOverride All
  </Directory>
  Alias /webalizer "/var/customers/webs/domain2/webalizer/1.domain2.com"
  LogLevel debug
  ErrorLog "/var/customers/logs/domain2-1.domain2.com-error.log"
  CustomLog "/var/customers/logs/domain2-1.domain2.com-access.log" combined
</VirtualHost>

Und noch die ipandport config:

# 10_froxlor_ipandport_178.Z.X.Y.443.conf
# Created 20.02.2020 15:47
# Do NOT manually edit this file, all changes will be deleted after the next domain change at the panel.

<VirtualHost 178.Z.X.Y:443>
DocumentRoot "/var/www/froxlor/"
 ServerName panel.domain.eu
  <FilesMatch \.(php)$>
  SetHandler proxy:unix:/var/lib/apache2/fastcgi/3-froxlor.panel-panel.domain.eu-php-fpm.socket|fcgi://localhost
  </FilesMatch>
 SSLEngine On
 SSLProtocol -ALL +TLSv1.2
 Protocols h2 http/1.1
 SSLCompression Off
 SSLSessionTickets on
 SSLHonorCipherOrder off
 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 SSLVerifyDepth 10
 SSLCertificateFile /etc/ssl/froxlor-custom/panel.domain.eu.crt
 SSLCertificateKeyFile /etc/ssl/froxlor-custom/panel.domain.eu.key
 SSLCACertificateFile /etc/ssl/froxlor-custom/panel.domain.eu_CA.pem
 SSLCertificateChainFile /etc/ssl/froxlor-custom/panel.domain.eu_chain.pem
</VirtualHost>

Welche Logfiles wären interessant? Die Customer Logs zeigen nichts. (Also kein Inhalt)

Danke!

LG

  • 0
Posted

😜 Jetzt geht es. Habe ca. 100x den cronjob gestartet und apache neu gestartet und php und und und. Aber keine Änderung.

Nachdem ich hier gepostet habe geht es plötzlich.

Also: Mark as solved

Thx

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...