May 31, 20205 yr Hi, habe froxlor heute auf dem neusten stand gebracht und wollte eine domain hinzufügen inkl. ssl settings. Da ist mit dieser Fehler aufgefallen, durch den Fehler wird auch mein nginx process gekillt jedesmal. php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --force --debug [information] TasksCron: Searching for tasks to do [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Requesting 1 new Let's Encrypt certificates [warning] Skipping Let's Encrypt generation for xxxxxxxxxxxxxx.eu due to an enabled ssl_redirect [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/sayanee.eu/_ecc/' [error] Could not get Let's Encrypt certificate for sayanee.eu: [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxxxxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxxxxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu: [information] Let's Encrypt certificates have been updated [information] nginx::createIpPort: creating ip/port settings for xxxxxxx:80 [information] nginx::createIpPort: creating ip/port settings for xxxxxxx:443 [information] nginx::createIpPort: creating ip/port settings for xxxxxxx:80 [information] nginx::createIpPort: creating ip/port settings for xxxxxxx:443 [information] nginx::writeConfigs: rebuilding /etc/nginx/sites-enabled/ [information] Froxlor\Cron\Http\NginxFcgi::reload: running service php7.4-fpm restart [information] Froxlor\Cron\Http\NginxFcgi::reload: reloading Froxlor\Cron\Http\NginxFcgi [notice] Creating passwd file [notice] Writing 2 entries to passwd file [notice] Succesfully wrote passwd file [notice] Creating group file [notice] Writing 1 entries to group file [notice] Succesfully wrote group file [notice] Creating shadow file [notice] Writing 2 entries to shadow file [notice] Succesfully wrote shadow file [notice] Checking system's last guid root@tokushu ~ # php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug [information] Requesting 1 new Let's Encrypt certificates [information] Creating certificate for xxxxxxxxxxxxxx.eu [information] Adding common-name: xxxxxxxxxxxxxx.eu [information] Adding SAN entry: www.xxxxxxxxxxxxxx.eu [information] Validating DNS of xxxxxxxxxxxxxx.eu [information] Validating DNS of www.xxxxxxxxxxxxxx.eu [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Sun 31 May 2020 02:22:28 AM CEST] Already uptodate! [Sun 31 May 2020 02:22:28 AM CEST] Upgrade success! [Sun 31 May 2020 02:22:28 AM CEST] Installing cron job 32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null [Sun 31 May 2020 02:22:28 AM CEST] Lets find script dir. [Sun 31 May 2020 02:22:28 AM CEST] _SCRIPT_='/root/.acme.sh/acme.sh' [Sun 31 May 2020 02:22:28 AM CEST] _script='/root/.acme.sh/acme.sh' [Sun 31 May 2020 02:22:28 AM CEST] _script_home='/root/.acme.sh' [Sun 31 May 2020 02:22:28 AM CEST] Using config home:/root/.acme.sh [Sun 31 May 2020 02:22:28 AM CEST] Using server: https://acme-v02.api.letsencrypt.org/directory [Sun 31 May 2020 02:22:28 AM CEST] Running cmd: issue [Sun 31 May 2020 02:22:28 AM CEST] _main_domain='xxxxxxxxxxxxxx.eu' [Sun 31 May 2020 02:22:28 AM CEST] _alt_domains='www.xxxxxxxxxxxxxx.eu' [Sun 31 May 2020 02:22:28 AM CEST] Using config home:/root/.acme.sh [Sun 31 May 2020 02:22:28 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Sun 31 May 2020 02:22:28 AM CEST] DOMAIN_PATH='/root/.acme.sh/xxxxxxxxxxxxxx.eu_ecc' [Sun 31 May 2020 02:22:28 AM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Sun 31 May 2020 02:22:28 AM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Sun 31 May 2020 02:22:28 AM CEST] GET [Sun 31 May 2020 02:22:28 AM CEST] url='https://acme-v02.api.letsencrypt.org/directory' [Sun 31 May 2020 02:22:28 AM CEST] timeout= [Sun 31 May 2020 02:22:28 AM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Sun 31 May 2020 02:22:29 AM CEST] ret='0' [Sun 31 May 2020 02:22:29 AM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_AUTHZ [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Sun 31 May 2020 02:22:29 AM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Sun 31 May 2020 02:22:29 AM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Sun 31 May 2020 02:22:29 AM CEST] ACME_VERSION='2' [Sun 31 May 2020 02:22:29 AM CEST] Le_NextRenewTime='1595981974' [Sun 31 May 2020 02:22:29 AM CEST] _saved_domain='xxxxxxxxxxxxxx.eu' [Sun 31 May 2020 02:22:29 AM CEST] _saved_alt='www.xxxxxxxxxxxxxx.eu' [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Sun 31 May 2020 02:22:29 AM CEST] Domains not changed. [Sun 31 May 2020 02:22:29 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 12:19:34 AM UTC [Sun 31 May 2020 02:22:29 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxxxxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxxxxxxxxx.eu: https://github.com/acmesh-official/acme.sh v2.8.6 [Sun 31 May 2020 02:22:29 AM CEST] Domains not changed. [Sun 31 May 2020 02:22:29 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 12:19:34 AM UTC [Sun 31 May 2020 02:22:29 AM CEST] Add '--force' to force to renew. [information] Let's Encrypt certificates have been updated im ordner .acme.sh sind auch alle cert's verschwunden. durch den fehler kann ich auch keine neue domain mit ssl hinzufügen.
May 31, 20205 yr Author habe mir die logs noch mal genauer angesehen und acme.sh meckert, das er den ordner "_ecc" nicht findet, aber die acme.sh erstellt die verz. eig. so: /.amce.sh/domain_ecc/ also macht keinen unterordner "_ecc" php froxlor_master_cronjob.php --letsencrypt --force [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:32 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:32 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:46 AM UTC [Sun 31 May 2020 04:24:32 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:32 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:32 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:52 AM UTC [Sun 31 May 2020 04:24:32 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:33 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:33 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:41 AM UTC [Sun 31 May 2020 04:24:33 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:34 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:34 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:14 AM UTC [Sun 31 May 2020 04:24:34 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu: [Sun 31 May 2020 04:24:35 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:35 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:58 AM UTC [Sun 31 May 2020 04:24:35 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu: [Sun 31 May 2020 04:24:36 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:36 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:33 AM UTC [Sun 31 May 2020 04:24:36 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu: [Sun 31 May 2020 04:24:37 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:37 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:06 AM UTC [Sun 31 May 2020 04:24:37 AM CEST] Add '--force' to force to renew. PHP Notice: Undefined index: wwwserveralias in /var/www/html/Froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224 [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu: [Sun 31 May 2020 04:24:37 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:37 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:26 AM UTC [Sun 31 May 2020 04:24:37 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:38 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:38 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:46 AM UTC [Sun 31 May 2020 04:24:38 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:39 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:39 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:52 AM UTC [Sun 31 May 2020 04:24:39 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:40 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:40 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:41 AM UTC [Sun 31 May 2020 04:24:40 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [Sun 31 May 2020 04:24:41 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:41 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:14 AM UTC [Sun 31 May 2020 04:24:41 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu: [Sun 31 May 2020 04:24:42 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:42 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:58 AM UTC [Sun 31 May 2020 04:24:42 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu: [Sun 31 May 2020 04:24:43 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:43 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:33 AM UTC [Sun 31 May 2020 04:24:43 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu: [Sun 31 May 2020 04:24:43 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:43 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:06 AM UTC [Sun 31 May 2020 04:24:43 AM CEST] Add '--force' to force to renew. PHP Notice: Undefined index: wwwserveralias in /var/www/html/Froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224 [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu: [Sun 31 May 2020 04:24:44 AM CEST] Domains not changed. [Sun 31 May 2020 04:24:44 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:26 AM UTC [Sun 31 May 2020 04:24:44 AM CEST] Add '--force' to force to renew. [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu: [error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu: Auch die kompletten Files im Ordner "/etc/ssl/froxlor-custom/" sind verschwunden... [error] tokushu.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] tokushu.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] music.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] pmaaaaa.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] webmail.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives [error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives Job for nginx.service failed. See "systemctl status nginx.service" and "journalctl -xe" for details.
May 31, 20205 yr Das der _ecc Ordner da fälschlicherweise angehängt wird, kommt sicher von meinem commit vom 28.5. (https://github.com/Froxlor/Froxlor/commit/d73d8da2fddd8c25922d8f31b7f5e36c585e0b5c) - habe ich gerade gefixed (https://github.com/Froxlor/Froxlor/commit/394ec4cd4a39c20d0f755a5d7c16c0c8589fd737). Es wäre hilfreich wenn du in so einem Post auch sagst das du den git-stand nutzt und nicht den letzten release
May 31, 20205 yr Author 1 hour ago, d00p said: Das der _ecc Ordner da fälschlicherweise angehängt wird, kommt sicher von meinem commit vom 28.5. (https://github.com/Froxlor/Froxlor/commit/d73d8da2fddd8c25922d8f31b7f5e36c585e0b5c) - habe ich gerade gefixed (https://github.com/Froxlor/Froxlor/commit/394ec4cd4a39c20d0f755a5d7c16c0c8589fd737). Es wäre hilfreich wenn du in so einem Post auch sagst das du den git-stand nutzt und nicht den letzten release merke ich mir das nächste mal und erwähne dann git-stand eine Warnung spuckt er aber noch aus, habe ich gerade gesehen. [warning] ECC certificates activated but found only non-ecc file [warning] ECC certificates activated but found only non-ecc file [warning] ECC certificates activated but found only non-ecc file [warning] ECC certificates activated but found only non-ecc file [warning] ECC certificates activated but found only non-ecc file Aber let's läuft sonst jetzt wieder.
May 31, 20205 yr Jo, das kann sein, ist auch einfach nur ein hinweis, das du ecc aktiviert hast, aber da sind halt noch zertifikate ohne ecc, dann nimmt er die natürlich
June 3, 20205 yr Author irgendwie suckt die acme.sh immer noch bei mir ... bekomme wieder den fehler "[error] Could not find file 'xxxxxxxxx.cer' in '/root/.acme.sh/xxxxxxxxx_ecc/_ecc/'" nginx meckert auch wegen, "nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in "/etc/nginx/sites-enabled/10_froxlor_ipandport_xxxxxxxxxx.conf:5" da keine Dateien unter "/etc/ssl/froxlor-custom" vorhanden sind. vorhande dateien im acme ordner: ~/.acme.sh/xxxxxxxxx_ecc # ls xxxxxxxxx.conf xxxxxxxxx.csr xxxxxxxxx.csr.conf xxxxxxxxx.key aktuelle git vers.
June 3, 20205 yr 4 minutes ago, irisdina said: '/root/.acme.sh/xxxxxxxxx_ecc/_ecc/ Wenn ich den Pfad so angucke ist es ja offensichtlich. Kann ich jetzt so ausm Stehgreif nicht sagen, dachte ich hätte das überall gefixed. Vermutlich an einer Stelle übersehen
June 3, 20205 yr Author 1 minute ago, d00p said: Wenn ich den Pfad so angucke ist es ja offensichtlich. Kann ich jetzt so ausm Stehgreif nicht sagen, dachte ich hätte das überall gefixed. Vermutlich an einer Stelle übersehen Ja, aber auch das Costum Ordner keine dateien vorhanden sind, verstehe ich irgendwie nicht., für domains erstellt er die. nur für die froxlor domain nicht, aber manuel ein cert erstellen geht ohne probleme. Die Domain für Froxlor, ist zwar nur eine Sub-Domain, aber die hat bisher noch nie probleme gemacht.
June 3, 20205 yr Alles klar, das schränkt die Möglichkeiten ein wo ich ggfls einen Fehler gemacht habe, danke, ich schau da später gleich rein und dann finden wir das Problem sicher
June 4, 20205 yr Schau mal ob es das jetzt war - sollte es sein: https://github.com/Froxlor/Froxlor/commit/2c98fc4c2d2522ab3e8006b5e968bc8a39f0ff56
June 5, 20205 yr Author On 6/4/2020 at 7:43 AM, d00p said: Schau mal ob es das jetzt war - sollte es sein: https://github.com/Froxlor/Froxlor/commit/2c98fc4c2d2522ab3e8006b5e968bc8a39f0ff56 Leider noch nicht. [error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu: nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/10_froxlor_ipandport_xxxxxxxx.443.conf:5 ich probiere gleich mal, wenn ich frox eine andere sub domain zuweise, ob dies geht.
June 5, 20205 yr naja, der ordner passt doch, dann hat er für tokushu.xxxxxx.eu halt einfahc kein ecc zertifikat, er sollte ja danach dann alternativ im nicht _ecc-Ordner suchen...
June 5, 20205 yr Author 9 minutes ago, d00p said: naja, der ordner passt doch, dann hat er für tokushu.xxxxxx.eu halt einfahc kein ecc zertifikat, er sollte ja danach dann alternativ im nicht _ecc-Ordner suchen... na ja, aber /etc/ssl/froxlor-custom ist immer noch leer, so lange er da die certs nicht erstellt. geht dies leider halt nicht.
June 5, 20205 yr sind denn Zertifikate in /root/.acme.sh/[domain] ? Das ist mal die grundlage. Denn froxlor synchronisiert diese mit seiner Datenbank und aus der eigenen Datenbank schreibt er die dann nach /etc/ssl/froxlor-custom/
June 5, 20205 yr Author 40 minutes ago, d00p said: sind denn Zertifikate in /root/.acme.sh/[domain] ? Das ist mal die grundlage. Denn froxlor synchronisiert diese mit seiner Datenbank und aus der eigenen Datenbank schreibt er die dann nach /etc/ssl/froxlor-custom/ das sind die einzigen dateien die im ordner vorhanden sind.
June 5, 20205 yr Kann ich dir nicht sagen wieso es nicht klappt, habe gerade gestern erst auf froxlor.org alles erneuert und es wurde wunderbar übernommen. In deinem Ordner ist ja auch nur nen key und nen csr...kein zertifikat. Lösch doch bitte einfach mal das Zertifikat einmal in froxlor und einmal via acme.sh und den ganzen ordner. Dann froxlor cron mit --force --debug und schau was er ausgibt.
June 5, 20205 yr Author 19 minutes ago, d00p said: Kann ich dir nicht sagen wieso es nicht klappt, habe gerade gestern erst auf froxlor.org alles erneuert und es wurde wunderbar übernommen. In deinem Ordner ist ja auch nur nen key und nen csr...kein zertifikat. Lösch doch bitte einfach mal das Zertifikat einmal in froxlor und einmal via acme.sh und den ganzen ordner. Dann froxlor cron mit --force --debug und schau was er ausgibt. [Fri 05 Jun 2020 12:10:38 PM CEST] tokushu.xxxxxx.eu is removed, the key and cert files are in /root/.acme.sh/tokushu.xxxxxx.eu_ecc [Fri 05 Jun 2020 12:10:38 PM CEST] You can remove them by yourself. root@tokushu ~ # rm -r .acme.sh/ root@tokushu ~ # php /var/www/html/froxlor/scripts/froxlor_master_cronjob.php --force --debug [information] TasksCron: Searching for tasks to do [information] Running Let's Encrypt cronjob prior to regenerating webserver config files [information] Could not find acme.sh - installing it to /root/.acme.sh/ --2020-06-05 12:16:00-- https://get.acme.sh/ Resolving get.acme.sh (get.acme.sh)... 2606:4700:3031::ac43:d022, 2606:4700:3037::681f:5944, 2606:4700:3033::681f:5844, ... Connecting to get.acme.sh (get.acme.sh)|2606:4700:3031::ac43:d022|:443... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: ‘STDOUT’ - [ <=> ] 775 --.-KB/s in 0s 2020-06-05 12:16:00 (10.7 MB/s) - written to stdout [775] % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 192k 100 192k 0 0 3264k 0 --:--:-- --:--:-- --:--:-- 3264k [information] Requesting 1 new Let's Encrypt certificates [information] Creating certificate for tokushu.xxxxxx.eu [information] Adding common-name: tokushu.xxxxxx.eu PHP Notice: Undefined index: wwwserveralias in /var/www/html/froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224 [information] Adding SAN entry: ssl.smtp.tokushu.xxxxxx.eu [information] Adding SAN entry: smtp.tokushu.xxxxxx.eu [information] Adding SAN entry: smtps.tokushu.xxxxxx.eu [information] Adding SAN entry: pop3.tokushu.xxxxxx.eu [information] Adding SAN entry: pop3s.tokushu.xxxxxx.eu [information] Adding SAN entry: imaps.tokushu.xxxxxx.eu [information] Adding SAN entry: imap.tokushu.xxxxxx.eu [information] Adding SAN entry: mail.tokushu.xxxxxx.eu [information] Adding SAN entry: ssl.tokushu.xxxxxx.eu [information] Validating DNS of tokushu.xxxxxx.eu [information] Validating DNS of ssl.smtp.tokushu.xxxxxx.eu [information] Validating DNS of smtp.tokushu.xxxxxx.eu [information] Validating DNS of smtps.tokushu.xxxxxx.eu [information] Validating DNS of pop3.tokushu.xxxxxx.eu [information] Validating DNS of pop3s.tokushu.xxxxxx.eu [information] Validating DNS of imaps.tokushu.xxxxxx.eu [information] Validating DNS of imap.tokushu.xxxxxx.eu [information] Validating DNS of mail.tokushu.xxxxxx.eu [information] Validating DNS of ssl.tokushu.xxxxxx.eu [information] Checking for LetsEncrypt client upgrades before renewing certificates: [Fri 05 Jun 2020 12:16:02 PM CEST] Already uptodate! [Fri 05 Jun 2020 12:16:02 PM CEST] Upgrade success! [Fri 05 Jun 2020 12:16:02 PM CEST] Installing cron job 32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null [Fri 05 Jun 2020 12:16:02 PM CEST] Lets find script dir. [Fri 05 Jun 2020 12:16:02 PM CEST] _SCRIPT_='/root/.acme.sh/acme.sh' [Fri 05 Jun 2020 12:16:02 PM CEST] _script='/root/.acme.sh/acme.sh' [Fri 05 Jun 2020 12:16:02 PM CEST] _script_home='/root/.acme.sh' [Fri 05 Jun 2020 12:16:02 PM CEST] Using config home:/root/.acme.sh [Fri 05 Jun 2020 12:16:02 PM CEST] Using server: https://acme-v02.api.letsencrypt.org/directory [Fri 05 Jun 2020 12:16:02 PM CEST] Running cmd: issue [Fri 05 Jun 2020 12:16:02 PM CEST] _main_domain='tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:02 PM CEST] _alt_domains='ssl.smtp.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,imap.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:02 PM CEST] Using config home:/root/.acme.sh [Fri 05 Jun 2020 12:16:02 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Fri 05 Jun 2020 12:16:02 PM CEST] DOMAIN_PATH='/root/.acme.sh/tokushu.xxxxxx.eu_ecc' [Fri 05 Jun 2020 12:16:02 PM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory [Fri 05 Jun 2020 12:16:02 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Fri 05 Jun 2020 12:16:02 PM CEST] GET [Fri 05 Jun 2020 12:16:02 PM CEST] url='https://acme-v02.api.letsencrypt.org/directory' [Fri 05 Jun 2020 12:16:02 PM CEST] timeout= [Fri 05 Jun 2020 12:16:02 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Fri 05 Jun 2020 12:16:03 PM CEST] ret='0' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_AUTHZ [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_VERSION='2' [Fri 05 Jun 2020 12:16:03 PM CEST] _on_before_issue [Fri 05 Jun 2020 12:16:03 PM CEST] _chk_main_domain='tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _chk_alt_domains='ssl.smtp.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,imap.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Le_LocalAddress [Fri 05 Jun 2020 12:16:03 PM CEST] d='tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='ssl.smtp.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='ssl.smtp.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='smtp.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='smtp.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='smtps.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='smtps.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='pop3.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='pop3.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='pop3s.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='pop3s.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='imaps.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='imaps.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='imap.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='imap.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='mail.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='mail.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d='ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor' [Fri 05 Jun 2020 12:16:03 PM CEST] d [Fri 05 Jun 2020 12:16:03 PM CEST] config file is empty, can not read CA_KEY_HASH [Fri 05 Jun 2020 12:16:03 PM CEST] Using config home:/root/.acme.sh [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Fri 05 Jun 2020 12:16:03 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory [Fri 05 Jun 2020 12:16:03 PM CEST] Use default length 2048 [Fri 05 Jun 2020 12:16:03 PM CEST] length='2048' [Fri 05 Jun 2020 12:16:03 PM CEST] Using config home:/root/.acme.sh [Fri 05 Jun 2020 12:16:03 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Fri 05 Jun 2020 12:16:03 PM CEST] Use length 2048 [Fri 05 Jun 2020 12:16:03 PM CEST] Using RSA: 2048 [Fri 05 Jun 2020 12:16:03 PM CEST] RSA key [Fri 05 Jun 2020 12:16:03 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Fri 05 Jun 2020 12:16:03 PM CEST] payload='{"termsOfServiceAgreed": true}' [Fri 05 Jun 2020 12:16:03 PM CEST] HEAD [Fri 05 Jun 2020 12:16:03 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce' [Fri 05 Jun 2020 12:16:03 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g -I ' [Fri 05 Jun 2020 12:16:04 PM CEST] _ret='0' [Fri 05 Jun 2020 12:16:04 PM CEST] POST [Fri 05 Jun 2020 12:16:04 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct' [Fri 05 Jun 2020 12:16:04 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Fri 05 Jun 2020 12:16:04 PM CEST] _ret='0' [Fri 05 Jun 2020 12:16:04 PM CEST] code='201' [Fri 05 Jun 2020 12:16:05 PM CEST] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/88035139' [Fri 05 Jun 2020 12:16:05 PM CEST] Calc CA_KEY_HASH='e02+ECTYr4IfbyDmDYosA/zUqrPtyvnZowoRK80fq/o=' [Fri 05 Jun 2020 12:16:05 PM CEST] Read key length: [Fri 05 Jun 2020 12:16:05 PM CEST] Using config home:/root/.acme.sh [Fri 05 Jun 2020 12:16:05 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory' [Fri 05 Jun 2020 12:16:05 PM CEST] Use length 384 [Fri 05 Jun 2020 12:16:05 PM CEST] Using ec name: secp384r1 [Fri 05 Jun 2020 12:16:05 PM CEST] _createcsr [Fri 05 Jun 2020 12:16:05 PM CEST] d='ssl.smtp.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='smtp.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='smtps.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='pop3.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='pop3s.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='imaps.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='imap.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='mail.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d='ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] d [Fri 05 Jun 2020 12:16:05 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Fri 05 Jun 2020 12:16:05 PM CEST] payload='{"identifiers": [{"type":"dns","value":"tokushu.xxxxxx.eu"},{"type":"dns","value":"ssl.smtp.tokushu.xxxxxx.eu"},{"type":"dns","value":"smtp.tokushu.xxxxxx.eu"},{"type":"dns","value":"smtps.tokushu.xxxxxx.eu"},{"type":"dns","value":"pop3.tokushu.xxxxxx.eu"},{"type":"dns","value":"pop3s.tokushu.xxxxxx.eu"},{"type":"dns","value":"imaps.tokushu.xxxxxx.eu"},{"type":"dns","value":"imap.tokushu.xxxxxx.eu"},{"type":"dns","value":"mail.tokushu.xxxxxx.eu"},{"type":"dns","value":"ssl.tokushu.xxxxxx.eu"}]}' [Fri 05 Jun 2020 12:16:05 PM CEST] POST [Fri 05 Jun 2020 12:16:05 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order' [Fri 05 Jun 2020 12:16:05 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header -g ' [Fri 05 Jun 2020 12:16:05 PM CEST] _ret='0' [Fri 05 Jun 2020 12:16:05 PM CEST] code='429' [Fri 05 Jun 2020 12:16:05 PM CEST] Le_LinkOrder [Fri 05 Jun 2020 12:16:05 PM CEST] Le_OrderFinalize [Fri 05 Jun 2020 12:16:05 PM CEST] Create new order error. Le_OrderFinalize not found. { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many certificates already issued for exact set of domains: imap.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,ssl.smtp.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu,tokushu.xxxxxx.eu: see https://letsencrypt.org/docs/rate-limits/", "status": 429 } [Fri 05 Jun 2020 12:16:05 PM CEST] pid [Fri 05 Jun 2020 12:16:05 PM CEST] No need to restore nginx, skip. [Fri 05 Jun 2020 12:16:05 PM CEST] _clearupdns [Fri 05 Jun 2020 12:16:05 PM CEST] dns_entries [Fri 05 Jun 2020 12:16:05 PM CEST] skip dns. [Fri 05 Jun 2020 12:16:05 PM CEST] _on_issue_err [Fri 05 Jun 2020 12:16:05 PM CEST] Please add '--debug' or '--log' to check more details. [Fri 05 Jun 2020 12:16:05 PM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh [Fri 05 Jun 2020 12:16:05 PM CEST] Diagnosis versions: openssl:openssl OpenSSL 1.1.1g 21 Apr 2020 apache: apache doesn't exists. nginx: nginx version: nginx/1.18.0 built with OpenSSL 1.1.1g 21 Apr 2020 TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-HHffKl/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --with-mail=dynamic --with-mail_ssl_module --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-auth-pam --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-dav-ext --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-echo --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-upstream-fair --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-subs-filter socat: socat by Gerhard Rieger and contributors - see www.dest-unreach.org socat version 1.7.3.3 on Oct 26 2019 17:42:04 running on Linux version #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018, release 4.15.0-43-generic, machine x86_64 features: #define WITH_STDIO 1 #define WITH_FDNUM 1 #define WITH_FILE 1 #define WITH_CREAT 1 #define WITH_GOPEN 1 #define WITH_TERMIOS 1 #define WITH_PIPE 1 #define WITH_UNIX 1 #define WITH_ABSTRACT_UNIXSOCKET 1 #define WITH_IP4 1 #define WITH_IP6 1 #define WITH_RAWIP 1 #define WITH_GENERICSOCKET 1 #define WITH_INTERFACE 1 #define WITH_TCP 1 #define WITH_UDP 1 #define WITH_SCTP 1 #define WITH_LISTEN 1 #define WITH_SOCKS4 1 #define WITH_SOCKS4A 1 #define WITH_PROXY 1 #define WITH_SYSTEM 1 #define WITH_EXEC 1 #undef WITH_READLINE #define WITH_TUN 1 #define WITH_PTY 1 #define WITH_OPENSSL 1 #undef WITH_FIPS #define WITH_LIBWRAP 1 #define WITH_SYCLS 1 #define WITH_FILAN 1 #define WITH_RETRY 1 #define WITH_MSGLEVEL 0 /*debug*/ [debug] https://github.com/acmesh-official/acme.sh v2.8.6 [Fri 05 Jun 2020 12:16:03 PM CEST] Create account key ok. [Fri 05 Jun 2020 12:16:03 PM CEST] Registering account [Fri 05 Jun 2020 12:16:04 PM CEST] Registered [Fri 05 Jun 2020 12:16:05 PM CEST] ACCOUNT_THUMBPRINT='6Dckd7KQQrw3m8i9ygIeg_q7IQV5TRUNnKO2UgGoHOI' [Fri 05 Jun 2020 12:16:05 PM CEST] Creating domain key [Fri 05 Jun 2020 12:16:05 PM CEST] The domain key is here: /root/.acme.sh/tokushu.xxxxxx.eu_ecc/tokushu.xxxxxx.eu.key [Fri 05 Jun 2020 12:16:05 PM CEST] Multi domain='DNS:tokushu.xxxxxx.eu,DNS:ssl.smtp.tokushu.xxxxxx.eu,DNS:smtp.tokushu.xxxxxx.eu,DNS:smtps.tokushu.xxxxxx.eu,DNS:pop3.tokushu.xxxxxx.eu,DNS:pop3s.tokushu.xxxxxx.eu,DNS:imaps.tokushu.xxxxxx.eu,DNS:imap.tokushu.xxxxxx.eu,DNS:mail.tokushu.xxxxxx.eu,DNS:ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] Getting domain auth token for each domain [error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu: https://github.com/acmesh-official/acme.sh v2.8.6 [Fri 05 Jun 2020 12:16:03 PM CEST] Create account key ok. [Fri 05 Jun 2020 12:16:03 PM CEST] Registering account [Fri 05 Jun 2020 12:16:04 PM CEST] Registered [Fri 05 Jun 2020 12:16:05 PM CEST] ACCOUNT_THUMBPRINT='6Dckd7KQQrw3m8i9ygIeg_q7IQV5TRUNnKO2UgGoHOI' [Fri 05 Jun 2020 12:16:05 PM CEST] Creating domain key [Fri 05 Jun 2020 12:16:05 PM CEST] The domain key is here: /root/.acme.sh/tokushu.xxxxxx.eu_ecc/tokushu.xxxxxx.eu.key [Fri 05 Jun 2020 12:16:05 PM CEST] Multi domain='DNS:tokushu.xxxxxx.eu,DNS:ssl.smtp.tokushu.xxxxxx.eu,DNS:smtp.tokushu.xxxxxx.eu,DNS:smtps.tokushu.xxxxxx.eu,DNS:pop3.tokushu.xxxxxx.eu,DNS:pop3s.tokushu.xxxxxx.eu,DNS:imaps.tokushu.xxxxxx.eu,DNS:imap.tokushu.xxxxxx.eu,DNS:mail.tokushu.xxxxxx.eu,DNS:ssl.tokushu.xxxxxx.eu' [Fri 05 Jun 2020 12:16:05 PM CEST] Getting domain auth token for each domain [error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/' [error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu: [information] Let's Encrypt certificates have been updated [information] nginx::createIpPort: creating ip/port settings for [2a01:4f8:10a:1ca0::2]:80 [information] nginx::createIpPort: creating ip/port settings for [2a01:4f8:10a:1ca0::2]:443 [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu" [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu" [information] nginx::createIpPort: creating ip/port settings for 88.99.92.97:80 [information] nginx::createIpPort: creating ip/port settings for 88.99.92.97:443 [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu" [debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu" [information] nginx::writeConfigs: rebuilding /etc/nginx/sites-enabled/ [information] Froxlor\Cron\Http\NginxFcgi::reload: running service php7.4-fpm restart [information] Froxlor\Cron\Http\NginxFcgi::reload: reloading Froxlor\Cron\Http\NginxFcgi Job for nginx.service failed. See "systemctl status nginx.service" and "journalctl -xe" for details. [notice] Creating passwd file [notice] Writing 2 entries to passwd file [notice] Succesfully wrote passwd file [notice] Creating group file [notice] Writing 1 entries to group file [notice] Succesfully wrote group file [notice] Creating shadow file [notice] Writing 2 entries to shadow file [notice] Succesfully wrote shadow file [notice] Checking system's last guid
June 5, 20205 yr 9 minutes ago, irisdina said: PHP Notice: Undefined index: wwwserveralias in /var/www/html/froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224 Das hier macht mich stutzig....das wird eindeutig in zeile 463 in der sql query selektiert, wurde da manuell in der DB rumgespielt bei den Domains? 9 minutes ago, irisdina said: "detail": "Error creating new order :: too many certificates already issued for exact set of domains: und dann hier die antwort von let's encrypt...liegt also nicht an froxlor...das ist eine let's encrypt restriktion. Damit hast du deine Ursache
June 5, 20205 yr Author 19 minutes ago, d00p said: Das hier macht mich stutzig....das wird eindeutig in zeile 463 in der sql query selektiert, wurde da manuell in der DB rumgespielt bei den Domains? und dann hier die antwort von let's encrypt...liegt also nicht an froxlor...das ist eine let's encrypt restriktion. Damit hast du deine Ursache nope, an der DB hab ich direkt nichts gemacht. Und ja, den Fehler habe ich auch gesehen, aber warum kann ich dann ohne probleme manuell mehrmals am tag das cert erstellen? ^^
June 5, 20205 yr 1 minute ago, irisdina said: Und ja, den Fehler habe ich auch gesehen, aber warum kann ich dann ohne probleme manuell mehrmals am tag das cert erstellen? ^ Ja offenbar ja nicht... Froxlor nimmt nur Vorhandenes. Wenn für die Domain unter /root/.acme.sh/ was da ist wird's genommen. Sonst nicht. Issue und renew sind acme.sh Sache. Froxlor stößt nur an und gleich seine Datenbank mit.den Dateien von acme.sh ab.
June 5, 20205 yr Author dann muss ich halt einige tage jetzt mal warten. wie verhindere ich jetzt, wenn ich meine domains wieder dazu packe, das er mir für die froxlor url, das cert holt?
June 5, 20205 yr wie verhindern? Ich glaube ich verstehe nicht ganz was dein gesamt-plan ist oder du erklärst es einfach nicht ausreichend. Willst du für eine Domain kein Let's Encrypt, dann deaktiviere Let's Encrypt für die Domain in den Domain-Settings. Zusätzlich findest du hier vllt ein bisschen Info bzgl. den rate-limites von let's encrypt: https://letsencrypt.org/de/docs/rate-limits/
June 5, 20205 yr Author 11 minutes ago, d00p said: wie verhindern? Ich glaube ich verstehe nicht ganz was dein gesamt-plan ist oder du erklärst es einfach nicht ausreichend. Willst du für eine Domain kein Let's Encrypt, dann deaktiviere Let's Encrypt für die Domain in den Domain-Settings. Zusätzlich findest du hier vllt ein bisschen Info bzgl. den rate-limites von let's encrypt: https://letsencrypt.org/de/docs/rate-limits/ hab die einstellungen gefunden. nur erstellt mir die acme.sh jetzt überhaupt kein cert mehr, egal für welche domain. wenn ich bei frox --force --debug mache.
June 5, 20205 yr Hast du let's encrypt jetzt global ausgemacht oder was? Sorry, ganz ehrlich, ich kann dir nicht wirklich folgen...
June 5, 20205 yr Author 7 hours ago, d00p said: Hast du let's encrypt jetzt global ausgemacht oder was? Sorry, ganz ehrlich, ich kann dir nicht wirklich folgen... ja, habe per certbot einfach die zerts erstellt. probiere in einigen tagen dann nochmal mit der acme.sh und frox
Archived
This topic is now archived and is closed to further replies.