Jump to content
Froxlor Forum
  • 0
irisdina

acme.sh Failed

Question

Hi,

habe froxlor heute auf dem neusten stand gebracht und wollte eine domain hinzufügen inkl. ssl settings.
Da ist mit dieser Fehler aufgefallen, durch den Fehler wird auch mein nginx process gekillt jedesmal.

 

php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Requesting 1 new Let's Encrypt certificates
[warning] Skipping Let's Encrypt generation for xxxxxxxxxxxxxx.eu due to an enabled ssl_redirect
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/sayanee.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for sayanee.eu:

[error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxxxxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxxxxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:

[information] Let's Encrypt certificates have been updated
[information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:80
[information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:443
[information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:80
[information] nginx::createIpPort: creating ip/port settings for  xxxxxxx:443
[information] nginx::writeConfigs: rebuilding /etc/nginx/sites-enabled/
[information] Froxlor\Cron\Http\NginxFcgi::reload: running service php7.4-fpm restart
[information] Froxlor\Cron\Http\NginxFcgi::reload: reloading Froxlor\Cron\Http\NginxFcgi
[notice] Creating passwd file
[notice] Writing 2 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 2 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid
root@tokushu ~ # php /var/www/html/Froxlor/scripts/froxlor_master_cronjob.php --letsencrypt --debug
[information] Requesting 1 new Let's Encrypt certificates
[information] Creating certificate for xxxxxxxxxxxxxx.eu
[information] Adding common-name: xxxxxxxxxxxxxx.eu
[information] Adding SAN entry: www.xxxxxxxxxxxxxx.eu
[information] Validating DNS of xxxxxxxxxxxxxx.eu
[information] Validating DNS of www.xxxxxxxxxxxxxx.eu
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Sun 31 May 2020 02:22:28 AM CEST] Already uptodate!
[Sun 31 May 2020 02:22:28 AM CEST] Upgrade success!
[Sun 31 May 2020 02:22:28 AM CEST] Installing cron job
32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[Sun 31 May 2020 02:22:28 AM CEST] Lets find script dir.
[Sun 31 May 2020 02:22:28 AM CEST] _SCRIPT_='/root/.acme.sh/acme.sh'
[Sun 31 May 2020 02:22:28 AM CEST] _script='/root/.acme.sh/acme.sh'
[Sun 31 May 2020 02:22:28 AM CEST] _script_home='/root/.acme.sh'
[Sun 31 May 2020 02:22:28 AM CEST] Using config home:/root/.acme.sh
[Sun 31 May 2020 02:22:28 AM CEST] Using server: https://acme-v02.api.letsencrypt.org/directory
[Sun 31 May 2020 02:22:28 AM CEST] Running cmd: issue
[Sun 31 May 2020 02:22:28 AM CEST] _main_domain='xxxxxxxxxxxxxx.eu'
[Sun 31 May 2020 02:22:28 AM CEST] _alt_domains='www.xxxxxxxxxxxxxx.eu'
[Sun 31 May 2020 02:22:28 AM CEST] Using config home:/root/.acme.sh
[Sun 31 May 2020 02:22:28 AM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Sun 31 May 2020 02:22:28 AM CEST] DOMAIN_PATH='/root/.acme.sh/xxxxxxxxxxxxxx.eu_ecc'
[Sun 31 May 2020 02:22:28 AM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Sun 31 May 2020 02:22:28 AM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Sun 31 May 2020 02:22:28 AM CEST] GET
[Sun 31 May 2020 02:22:28 AM CEST] url='https://acme-v02.api.letsencrypt.org/directory'
[Sun 31 May 2020 02:22:28 AM CEST] timeout=
[Sun 31 May 2020 02:22:28 AM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Sun 31 May 2020 02:22:29 AM CEST] ret='0'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_AUTHZ
[Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Sun 31 May 2020 02:22:29 AM CEST] ACME_VERSION='2'
[Sun 31 May 2020 02:22:29 AM CEST] Le_NextRenewTime='1595981974'
[Sun 31 May 2020 02:22:29 AM CEST] _saved_domain='xxxxxxxxxxxxxx.eu'
[Sun 31 May 2020 02:22:29 AM CEST] _saved_alt='www.xxxxxxxxxxxxxx.eu'
[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Sun 31 May 2020 02:22:29 AM CEST] Domains not changed.
[Sun 31 May 2020 02:22:29 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 12:19:34 AM UTC
[Sun 31 May 2020 02:22:29 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxxxxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxxxxxxxxx.eu:
https://github.com/acmesh-official/acme.sh
v2.8.6
[Sun 31 May 2020 02:22:29 AM CEST] Domains not changed.
[Sun 31 May 2020 02:22:29 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 12:19:34 AM UTC
[Sun 31 May 2020 02:22:29 AM CEST] Add '--force' to force to renew.
[information] Let's Encrypt certificates have been updated

im ordner .acme.sh sind auch alle cert's verschwunden. durch den fehler kann ich auch keine neue domain mit ssl hinzufügen.

Share this post


Link to post
Share on other sites

Recommended Posts

  • 0

habe mir die logs noch mal genauer angesehen und acme.sh meckert, das er den ordner "_ecc" nicht findet, aber die acme.sh erstellt die verz. eig. so: /.amce.sh/domain_ecc/ also macht keinen unterordner "_ecc"

php froxlor_master_cronjob.php --letsencrypt --force
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:32 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:32 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:46 AM UTC
[Sun 31 May 2020 04:24:32 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:32 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:32 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:52 AM UTC
[Sun 31 May 2020 04:24:32 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:33 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:33 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:41 AM UTC
[Sun 31 May 2020 04:24:33 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:34 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:34 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:14 AM UTC
[Sun 31 May 2020 04:24:34 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
[Sun 31 May 2020 04:24:35 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:35 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:58 AM UTC
[Sun 31 May 2020 04:24:35 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
[Sun 31 May 2020 04:24:36 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:36 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:33 AM UTC
[Sun 31 May 2020 04:24:36 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
[Sun 31 May 2020 04:24:37 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:37 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:06 AM UTC
[Sun 31 May 2020 04:24:37 AM CEST] Add '--force' to force to renew.
PHP Notice:  Undefined index: wwwserveralias in /var/www/html/Froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224
[error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:
[Sun 31 May 2020 04:24:37 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:37 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:26 AM UTC
[Sun 31 May 2020 04:24:37 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:38 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:38 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:46 AM UTC
[Sun 31 May 2020 04:24:38 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:39 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:39 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:52 AM UTC
[Sun 31 May 2020 04:24:39 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:40 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:40 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:41 AM UTC
[Sun 31 May 2020 04:24:40 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:
[Sun 31 May 2020 04:24:41 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:41 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:14 AM UTC
[Sun 31 May 2020 04:24:41 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:
[Sun 31 May 2020 04:24:42 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:42 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:19:58 AM UTC
[Sun 31 May 2020 04:24:42 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:
[Sun 31 May 2020 04:24:43 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:43 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:33 AM UTC
[Sun 31 May 2020 04:24:43 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:
[Sun 31 May 2020 04:24:43 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:43 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:06 AM UTC
[Sun 31 May 2020 04:24:43 AM CEST] Add '--force' to force to renew.
PHP Notice:  Undefined index: wwwserveralias in /var/www/html/Froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224
[error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:
[Sun 31 May 2020 04:24:44 AM CEST] Domains not changed.
[Sun 31 May 2020 04:24:44 AM CEST] Skip, Next renewal time is: Thu 30 Jul 2020 02:20:26 AM UTC
[Sun 31 May 2020 04:24:44 AM CEST] Add '--force' to force to renew.
[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/music.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for music.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/webmail.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for webmail.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/pmaaaaa.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for pmaaaaa.xxxxxxx.eu:

[error] Could not find certificate-folder '/root/.acme.sh/tokushu.xxxxxxx.eu/_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxxx.eu:

Auch die kompletten Files im Ordner "/etc/ssl/froxlor-custom/" sind verschwunden...

[error] tokushu.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] tokushu.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] music.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] pmaaaaa.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] webmail.xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
[error] xxxxxxx.eu :: certificate file "/etc/ssl/froxlor-custom/tokushu.xxxxxxx.eu.crt" does not exist! Cannot create ssl-directives
Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.

 

Share this post


Link to post
Share on other sites
  • 0

Das der _ecc Ordner da fälschlicherweise angehängt wird, kommt sicher von meinem commit vom 28.5. (https://github.com/Froxlor/Froxlor/commit/d73d8da2fddd8c25922d8f31b7f5e36c585e0b5c) - habe ich gerade gefixed (https://github.com/Froxlor/Froxlor/commit/394ec4cd4a39c20d0f755a5d7c16c0c8589fd737). Es wäre hilfreich wenn du in so einem Post auch sagst das du den git-stand nutzt und nicht den letzten release :)

Share this post


Link to post
Share on other sites
  • 0
1 hour ago, d00p said:

Das der _ecc Ordner da fälschlicherweise angehängt wird, kommt sicher von meinem commit vom 28.5. (https://github.com/Froxlor/Froxlor/commit/d73d8da2fddd8c25922d8f31b7f5e36c585e0b5c) - habe ich gerade gefixed (https://github.com/Froxlor/Froxlor/commit/394ec4cd4a39c20d0f755a5d7c16c0c8589fd737). Es wäre hilfreich wenn du in so einem Post auch sagst das du den git-stand nutzt und nicht den letzten release :)

merke ich mir das nächste mal und erwähne dann git-stand :P

eine Warnung spuckt er aber noch aus, habe ich gerade gesehen.

[warning] ECC certificates activated but found only non-ecc file
[warning] ECC certificates activated but found only non-ecc file
[warning] ECC certificates activated but found only non-ecc file
[warning] ECC certificates activated but found only non-ecc file
[warning] ECC certificates activated but found only non-ecc file

Aber let's läuft sonst jetzt wieder.

Share this post


Link to post
Share on other sites
  • 0

Jo, das kann sein, ist auch einfach nur ein hinweis, das du ecc aktiviert hast, aber da sind halt noch zertifikate ohne ecc, dann nimmt er die natürlich

Share this post


Link to post
Share on other sites
  • 0

irgendwie suckt die acme.sh immer noch bei mir ...
bekomme wieder den fehler "[error] Could not find file 'xxxxxxxxx.cer' in '/root/.acme.sh/xxxxxxxxx_ecc/_ecc/'"

nginx meckert auch wegen, "nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in "/etc/nginx/sites-enabled/10_froxlor_ipandport_xxxxxxxxxx.conf:5"
da keine Dateien unter "/etc/ssl/froxlor-custom" vorhanden sind.

 vorhande dateien im acme ordner:

~/.acme.sh/xxxxxxxxx_ecc # ls
xxxxxxxxx.conf  xxxxxxxxx.csr  xxxxxxxxx.csr.conf  xxxxxxxxx.key

 

 

aktuelle git vers. 

Share this post


Link to post
Share on other sites
  • 0
4 minutes ago, irisdina said:

'/root/.acme.sh/xxxxxxxxx_ecc/_ecc/

Wenn ich den Pfad so angucke ist es ja offensichtlich. Kann ich jetzt so ausm Stehgreif nicht sagen, dachte ich hätte das überall gefixed. Vermutlich an einer Stelle übersehen

Share this post


Link to post
Share on other sites
  • 0
1 minute ago, d00p said:

Wenn ich den Pfad so angucke ist es ja offensichtlich. Kann ich jetzt so ausm Stehgreif nicht sagen, dachte ich hätte das überall gefixed. Vermutlich an einer Stelle übersehen

Ja, aber auch das Costum Ordner keine dateien vorhanden sind, verstehe ich irgendwie nicht., für domains erstellt er die. nur für die froxlor domain nicht, aber manuel ein cert erstellen geht ohne probleme.
Die Domain für Froxlor, ist zwar nur eine Sub-Domain, aber die hat bisher noch nie probleme gemacht.

Share this post


Link to post
Share on other sites
  • 0

Alles klar, das schränkt die Möglichkeiten ein wo ich ggfls einen Fehler gemacht habe, danke, ich schau da später gleich rein und dann finden wir das Problem sicher ;)

Share this post


Link to post
Share on other sites
  • 0
On 6/4/2020 at 7:43 AM, d00p said:

Leider noch nicht.

[error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu:
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/10_froxlor_ipandport_xxxxxxxx.443.conf:5

ich probiere gleich mal, wenn ich frox eine andere sub domain zuweise, ob dies geht.

Share this post


Link to post
Share on other sites
  • 0

naja, der ordner passt doch, dann hat er für tokushu.xxxxxx.eu halt einfahc kein ecc zertifikat, er sollte ja danach dann alternativ im nicht _ecc-Ordner suchen...

Share this post


Link to post
Share on other sites
  • 0
9 minutes ago, d00p said:

naja, der ordner passt doch, dann hat er für tokushu.xxxxxx.eu halt einfahc kein ecc zertifikat, er sollte ja danach dann alternativ im nicht _ecc-Ordner suchen...

na ja, aber /etc/ssl/froxlor-custom ist immer noch leer, so lange er da die certs nicht erstellt. geht dies leider halt nicht.

Share this post


Link to post
Share on other sites
  • 0

sind denn Zertifikate in /root/.acme.sh/[domain] ? Das ist mal die grundlage. Denn froxlor synchronisiert diese mit seiner Datenbank und aus der eigenen Datenbank schreibt er die dann nach /etc/ssl/froxlor-custom/

Share this post


Link to post
Share on other sites
  • 0
40 minutes ago, d00p said:

sind denn Zertifikate in /root/.acme.sh/[domain] ? Das ist mal die grundlage. Denn froxlor synchronisiert diese mit seiner Datenbank und aus der eigenen Datenbank schreibt er die dann nach /etc/ssl/froxlor-custom/

das sind die einzigen dateien die im ordner vorhanden sind.

Unbenannt.JPG.e1b52ddb94b9199a2fc78a3310353280.JPG

Share this post


Link to post
Share on other sites
  • 0

Kann ich dir nicht sagen wieso es nicht klappt, habe gerade gestern erst auf froxlor.org alles erneuert und es wurde wunderbar übernommen. In deinem Ordner ist ja auch nur nen key und nen csr...kein zertifikat.

Lösch doch bitte einfach mal das Zertifikat einmal in froxlor und einmal via acme.sh und den ganzen ordner. Dann froxlor cron mit --force --debug und schau was er ausgibt. 

Share this post


Link to post
Share on other sites
  • 0
19 minutes ago, d00p said:

Kann ich dir nicht sagen wieso es nicht klappt, habe gerade gestern erst auf froxlor.org alles erneuert und es wurde wunderbar übernommen. In deinem Ordner ist ja auch nur nen key und nen csr...kein zertifikat.

Lösch doch bitte einfach mal das Zertifikat einmal in froxlor und einmal via acme.sh und den ganzen ordner. Dann froxlor cron mit --force --debug und schau was er ausgibt. 

[Fri 05 Jun 2020 12:10:38 PM CEST] tokushu.xxxxxx.eu is removed, the key and cert files are in /root/.acme.sh/tokushu.xxxxxx.eu_ecc
[Fri 05 Jun 2020 12:10:38 PM CEST] You can remove them by yourself.
root@tokushu ~ # rm -r .acme.sh/


root@tokushu ~ # php /var/www/html/froxlor/scripts/froxlor_master_cronjob.php --force --debug
[information] TasksCron: Searching for tasks to do
[information] Running Let's Encrypt cronjob prior to regenerating webserver config files
[information] Could not find acme.sh - installing it to /root/.acme.sh/
--2020-06-05 12:16:00--  https://get.acme.sh/
Resolving get.acme.sh (get.acme.sh)... 2606:4700:3031::ac43:d022, 2606:4700:3037::681f:5944, 2606:4700:3033::681f:5844, ...
Connecting to get.acme.sh (get.acme.sh)|2606:4700:3031::ac43:d022|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘STDOUT’

-                                                                           [ <=>                                                                                                                                                                           ]     775  --.-KB/s    in 0s

2020-06-05 12:16:00 (10.7 MB/s) - written to stdout [775]

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  192k  100  192k    0     0  3264k      0 --:--:-- --:--:-- --:--:-- 3264k
[information] Requesting 1 new Let's Encrypt certificates
[information] Creating certificate for tokushu.xxxxxx.eu
[information] Adding common-name: tokushu.xxxxxx.eu
PHP Notice:  Undefined index: wwwserveralias in /var/www/html/froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224
[information] Adding SAN entry: ssl.smtp.tokushu.xxxxxx.eu
[information] Adding SAN entry: smtp.tokushu.xxxxxx.eu
[information] Adding SAN entry: smtps.tokushu.xxxxxx.eu
[information] Adding SAN entry: pop3.tokushu.xxxxxx.eu
[information] Adding SAN entry: pop3s.tokushu.xxxxxx.eu
[information] Adding SAN entry: imaps.tokushu.xxxxxx.eu
[information] Adding SAN entry: imap.tokushu.xxxxxx.eu
[information] Adding SAN entry: mail.tokushu.xxxxxx.eu
[information] Adding SAN entry: ssl.tokushu.xxxxxx.eu
[information] Validating DNS of tokushu.xxxxxx.eu
[information] Validating DNS of ssl.smtp.tokushu.xxxxxx.eu
[information] Validating DNS of smtp.tokushu.xxxxxx.eu
[information] Validating DNS of smtps.tokushu.xxxxxx.eu
[information] Validating DNS of pop3.tokushu.xxxxxx.eu
[information] Validating DNS of pop3s.tokushu.xxxxxx.eu
[information] Validating DNS of imaps.tokushu.xxxxxx.eu
[information] Validating DNS of imap.tokushu.xxxxxx.eu
[information] Validating DNS of mail.tokushu.xxxxxx.eu
[information] Validating DNS of ssl.tokushu.xxxxxx.eu
[information] Checking for LetsEncrypt client upgrades before renewing certificates:
[Fri 05 Jun 2020 12:16:02 PM CEST] Already uptodate!
[Fri 05 Jun 2020 12:16:02 PM CEST] Upgrade success!
[Fri 05 Jun 2020 12:16:02 PM CEST] Installing cron job
32 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null
[Fri 05 Jun 2020 12:16:02 PM CEST] Lets find script dir.
[Fri 05 Jun 2020 12:16:02 PM CEST] _SCRIPT_='/root/.acme.sh/acme.sh'
[Fri 05 Jun 2020 12:16:02 PM CEST] _script='/root/.acme.sh/acme.sh'
[Fri 05 Jun 2020 12:16:02 PM CEST] _script_home='/root/.acme.sh'
[Fri 05 Jun 2020 12:16:02 PM CEST] Using config home:/root/.acme.sh
[Fri 05 Jun 2020 12:16:02 PM CEST] Using server: https://acme-v02.api.letsencrypt.org/directory
[Fri 05 Jun 2020 12:16:02 PM CEST] Running cmd: issue
[Fri 05 Jun 2020 12:16:02 PM CEST] _main_domain='tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:02 PM CEST] _alt_domains='ssl.smtp.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,imap.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:02 PM CEST] Using config home:/root/.acme.sh
[Fri 05 Jun 2020 12:16:02 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri 05 Jun 2020 12:16:02 PM CEST] DOMAIN_PATH='/root/.acme.sh/tokushu.xxxxxx.eu_ecc'
[Fri 05 Jun 2020 12:16:02 PM CEST] Using ACME_DIRECTORY: https://acme-v02.api.letsencrypt.org/directory
[Fri 05 Jun 2020 12:16:02 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Fri 05 Jun 2020 12:16:02 PM CEST] GET
[Fri 05 Jun 2020 12:16:02 PM CEST] url='https://acme-v02.api.letsencrypt.org/directory'
[Fri 05 Jun 2020 12:16:02 PM CEST] timeout=
[Fri 05 Jun 2020 12:16:02 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Fri 05 Jun 2020 12:16:03 PM CEST] ret='0'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_KEY_CHANGE='https://acme-v02.api.letsencrypt.org/acme/key-change'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_AUTHZ
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_ORDER='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_ACCOUNT='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_REVOKE_CERT='https://acme-v02.api.letsencrypt.org/acme/revoke-cert'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_AGREEMENT='https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_NEW_NONCE='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_VERSION='2'
[Fri 05 Jun 2020 12:16:03 PM CEST] _on_before_issue
[Fri 05 Jun 2020 12:16:03 PM CEST] _chk_main_domain='tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _chk_alt_domains='ssl.smtp.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,imap.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Le_LocalAddress
[Fri 05 Jun 2020 12:16:03 PM CEST] d='tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='ssl.smtp.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='ssl.smtp.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='smtp.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='smtp.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='smtps.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='smtps.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='pop3.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='pop3.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='pop3s.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='pop3s.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='imaps.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='imaps.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='imap.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='imap.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='mail.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='mail.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d='ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] Check for domain='ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:03 PM CEST] _currentRoot='/var/www/html/froxlor'
[Fri 05 Jun 2020 12:16:03 PM CEST] d
[Fri 05 Jun 2020 12:16:03 PM CEST] config file is empty, can not read CA_KEY_HASH
[Fri 05 Jun 2020 12:16:03 PM CEST] Using config home:/root/.acme.sh
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri 05 Jun 2020 12:16:03 PM CEST] _init api for server: https://acme-v02.api.letsencrypt.org/directory
[Fri 05 Jun 2020 12:16:03 PM CEST] Use default length 2048
[Fri 05 Jun 2020 12:16:03 PM CEST] length='2048'
[Fri 05 Jun 2020 12:16:03 PM CEST] Using config home:/root/.acme.sh
[Fri 05 Jun 2020 12:16:03 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri 05 Jun 2020 12:16:03 PM CEST] Use length 2048
[Fri 05 Jun 2020 12:16:03 PM CEST] Using RSA: 2048
[Fri 05 Jun 2020 12:16:03 PM CEST] RSA key
[Fri 05 Jun 2020 12:16:03 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Fri 05 Jun 2020 12:16:03 PM CEST] payload='{"termsOfServiceAgreed": true}'
[Fri 05 Jun 2020 12:16:03 PM CEST] HEAD
[Fri 05 Jun 2020 12:16:03 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-nonce'
[Fri 05 Jun 2020 12:16:03 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g  -I  '
[Fri 05 Jun 2020 12:16:04 PM CEST] _ret='0'
[Fri 05 Jun 2020 12:16:04 PM CEST] POST
[Fri 05 Jun 2020 12:16:04 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-acct'
[Fri 05 Jun 2020 12:16:04 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Fri 05 Jun 2020 12:16:04 PM CEST] _ret='0'
[Fri 05 Jun 2020 12:16:04 PM CEST] code='201'
[Fri 05 Jun 2020 12:16:05 PM CEST] _accUri='https://acme-v02.api.letsencrypt.org/acme/acct/88035139'
[Fri 05 Jun 2020 12:16:05 PM CEST] Calc CA_KEY_HASH='e02+ECTYr4IfbyDmDYosA/zUqrPtyvnZowoRK80fq/o='
[Fri 05 Jun 2020 12:16:05 PM CEST] Read key length:
[Fri 05 Jun 2020 12:16:05 PM CEST] Using config home:/root/.acme.sh
[Fri 05 Jun 2020 12:16:05 PM CEST] ACME_DIRECTORY='https://acme-v02.api.letsencrypt.org/directory'
[Fri 05 Jun 2020 12:16:05 PM CEST] Use length 384
[Fri 05 Jun 2020 12:16:05 PM CEST] Using ec name: secp384r1
[Fri 05 Jun 2020 12:16:05 PM CEST] _createcsr
[Fri 05 Jun 2020 12:16:05 PM CEST] d='ssl.smtp.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='smtp.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='smtps.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='pop3.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='pop3s.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='imaps.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='imap.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='mail.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d='ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] d
[Fri 05 Jun 2020 12:16:05 PM CEST] url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri 05 Jun 2020 12:16:05 PM CEST] payload='{"identifiers": [{"type":"dns","value":"tokushu.xxxxxx.eu"},{"type":"dns","value":"ssl.smtp.tokushu.xxxxxx.eu"},{"type":"dns","value":"smtp.tokushu.xxxxxx.eu"},{"type":"dns","value":"smtps.tokushu.xxxxxx.eu"},{"type":"dns","value":"pop3.tokushu.xxxxxx.eu"},{"type":"dns","value":"pop3s.tokushu.xxxxxx.eu"},{"type":"dns","value":"imaps.tokushu.xxxxxx.eu"},{"type":"dns","value":"imap.tokushu.xxxxxx.eu"},{"type":"dns","value":"mail.tokushu.xxxxxx.eu"},{"type":"dns","value":"ssl.tokushu.xxxxxx.eu"}]}'
[Fri 05 Jun 2020 12:16:05 PM CEST] POST
[Fri 05 Jun 2020 12:16:05 PM CEST] _post_url='https://acme-v02.api.letsencrypt.org/acme/new-order'
[Fri 05 Jun 2020 12:16:05 PM CEST] _CURL='curl -L --silent --dump-header /root/.acme.sh/http.header  -g '
[Fri 05 Jun 2020 12:16:05 PM CEST] _ret='0'
[Fri 05 Jun 2020 12:16:05 PM CEST] code='429'
[Fri 05 Jun 2020 12:16:05 PM CEST] Le_LinkOrder
[Fri 05 Jun 2020 12:16:05 PM CEST] Le_OrderFinalize
[Fri 05 Jun 2020 12:16:05 PM CEST] Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates already issued for exact set of domains: imap.tokushu.xxxxxx.eu,imaps.tokushu.xxxxxx.eu,mail.tokushu.xxxxxx.eu,pop3.tokushu.xxxxxx.eu,pop3s.tokushu.xxxxxx.eu,smtp.tokushu.xxxxxx.eu,smtps.tokushu.xxxxxx.eu,ssl.smtp.tokushu.xxxxxx.eu,ssl.tokushu.xxxxxx.eu,tokushu.xxxxxx.eu: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
[Fri 05 Jun 2020 12:16:05 PM CEST] pid
[Fri 05 Jun 2020 12:16:05 PM CEST] No need to restore nginx, skip.
[Fri 05 Jun 2020 12:16:05 PM CEST] _clearupdns
[Fri 05 Jun 2020 12:16:05 PM CEST] dns_entries
[Fri 05 Jun 2020 12:16:05 PM CEST] skip dns.
[Fri 05 Jun 2020 12:16:05 PM CEST] _on_issue_err
[Fri 05 Jun 2020 12:16:05 PM CEST] Please add '--debug' or '--log' to check more details.
[Fri 05 Jun 2020 12:16:05 PM CEST] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
[Fri 05 Jun 2020 12:16:05 PM CEST] Diagnosis versions:
openssl:openssl
OpenSSL 1.1.1g  21 Apr 2020
apache:
apache doesn't exists.
nginx:
nginx version: nginx/1.18.0
built with OpenSSL 1.1.1g  21 Apr 2020
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-HHffKl/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module --with-mail=dynamic --with-mail_ssl_module --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-auth-pam --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-dav-ext --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-echo --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-upstream-fair --add-dynamic-module=/build/nginx-HHffKl/nginx-1.18.0/debian/modules/http-subs-filter
socat:
socat by Gerhard Rieger and contributors - see www.dest-unreach.org
socat version 1.7.3.3 on Oct 26 2019 17:42:04
   running on Linux version #46-Ubuntu SMP Thu Dec 6 14:45:28 UTC 2018, release 4.15.0-43-generic, machine x86_64
features:
  #define WITH_STDIO 1
  #define WITH_FDNUM 1
  #define WITH_FILE 1
  #define WITH_CREAT 1
  #define WITH_GOPEN 1
  #define WITH_TERMIOS 1
  #define WITH_PIPE 1
  #define WITH_UNIX 1
  #define WITH_ABSTRACT_UNIXSOCKET 1
  #define WITH_IP4 1
  #define WITH_IP6 1
  #define WITH_RAWIP 1
  #define WITH_GENERICSOCKET 1
  #define WITH_INTERFACE 1
  #define WITH_TCP 1
  #define WITH_UDP 1
  #define WITH_SCTP 1
  #define WITH_LISTEN 1
  #define WITH_SOCKS4 1
  #define WITH_SOCKS4A 1
  #define WITH_PROXY 1
  #define WITH_SYSTEM 1
  #define WITH_EXEC 1
  #undef WITH_READLINE
  #define WITH_TUN 1
  #define WITH_PTY 1
  #define WITH_OPENSSL 1
  #undef WITH_FIPS
  #define WITH_LIBWRAP 1
  #define WITH_SYCLS 1
  #define WITH_FILAN 1
  #define WITH_RETRY 1
  #define WITH_MSGLEVEL 0 /*debug*/
[debug] https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri 05 Jun 2020 12:16:03 PM CEST] Create account key ok.
[Fri 05 Jun 2020 12:16:03 PM CEST] Registering account
[Fri 05 Jun 2020 12:16:04 PM CEST] Registered
[Fri 05 Jun 2020 12:16:05 PM CEST] ACCOUNT_THUMBPRINT='6Dckd7KQQrw3m8i9ygIeg_q7IQV5TRUNnKO2UgGoHOI'
[Fri 05 Jun 2020 12:16:05 PM CEST] Creating domain key
[Fri 05 Jun 2020 12:16:05 PM CEST] The domain key is here: /root/.acme.sh/tokushu.xxxxxx.eu_ecc/tokushu.xxxxxx.eu.key
[Fri 05 Jun 2020 12:16:05 PM CEST] Multi domain='DNS:tokushu.xxxxxx.eu,DNS:ssl.smtp.tokushu.xxxxxx.eu,DNS:smtp.tokushu.xxxxxx.eu,DNS:smtps.tokushu.xxxxxx.eu,DNS:pop3.tokushu.xxxxxx.eu,DNS:pop3s.tokushu.xxxxxx.eu,DNS:imaps.tokushu.xxxxxx.eu,DNS:imap.tokushu.xxxxxx.eu,DNS:mail.tokushu.xxxxxx.eu,DNS:ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] Getting domain auth token for each domain
[error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu:
https://github.com/acmesh-official/acme.sh
v2.8.6
[Fri 05 Jun 2020 12:16:03 PM CEST] Create account key ok.
[Fri 05 Jun 2020 12:16:03 PM CEST] Registering account
[Fri 05 Jun 2020 12:16:04 PM CEST] Registered
[Fri 05 Jun 2020 12:16:05 PM CEST] ACCOUNT_THUMBPRINT='6Dckd7KQQrw3m8i9ygIeg_q7IQV5TRUNnKO2UgGoHOI'
[Fri 05 Jun 2020 12:16:05 PM CEST] Creating domain key
[Fri 05 Jun 2020 12:16:05 PM CEST] The domain key is here: /root/.acme.sh/tokushu.xxxxxx.eu_ecc/tokushu.xxxxxx.eu.key
[Fri 05 Jun 2020 12:16:05 PM CEST] Multi domain='DNS:tokushu.xxxxxx.eu,DNS:ssl.smtp.tokushu.xxxxxx.eu,DNS:smtp.tokushu.xxxxxx.eu,DNS:smtps.tokushu.xxxxxx.eu,DNS:pop3.tokushu.xxxxxx.eu,DNS:pop3s.tokushu.xxxxxx.eu,DNS:imaps.tokushu.xxxxxx.eu,DNS:imap.tokushu.xxxxxx.eu,DNS:mail.tokushu.xxxxxx.eu,DNS:ssl.tokushu.xxxxxx.eu'
[Fri 05 Jun 2020 12:16:05 PM CEST] Getting domain auth token for each domain
[error] Could not find file 'tokushu.xxxxxx.eu.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not find file 'ca.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not find file 'fullchain.cer' in '/root/.acme.sh/tokushu.xxxxxx.eu_ecc/'
[error] Could not get Let's Encrypt certificate for tokushu.xxxxxx.eu:

[information] Let's Encrypt certificates have been updated
[information] nginx::createIpPort: creating ip/port settings for  [2a01:4f8:10a:1ca0::2]:80
[information] nginx::createIpPort: creating ip/port settings for  [2a01:4f8:10a:1ca0::2]:443
[debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
[debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
[information] nginx::createIpPort: creating ip/port settings for  88.99.92.97:80
[information] nginx::createIpPort: creating ip/port settings for  88.99.92.97:443
[debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
[debug] System certificate file "" does not seem to exist. Disabling SSL-vhost for "tokushu.xxxxxx.eu"
[information] nginx::writeConfigs: rebuilding /etc/nginx/sites-enabled/
[information] Froxlor\Cron\Http\NginxFcgi::reload: running service php7.4-fpm restart
[information] Froxlor\Cron\Http\NginxFcgi::reload: reloading Froxlor\Cron\Http\NginxFcgi
Job for nginx.service failed.
See "systemctl status nginx.service" and "journalctl -xe" for details.
[notice] Creating passwd file
[notice] Writing 2 entries to passwd file
[notice] Succesfully wrote passwd file
[notice] Creating group file
[notice] Writing 1 entries to group file
[notice] Succesfully wrote group file
[notice] Creating shadow file
[notice] Writing 2 entries to shadow file
[notice] Succesfully wrote shadow file
[notice] Checking system's last guid

 

Share this post


Link to post
Share on other sites
  • 0
9 minutes ago, irisdina said:

PHP Notice: Undefined index: wwwserveralias in /var/www/html/froxlor/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php on line 224

Das hier macht mich stutzig....das wird eindeutig in zeile 463 in der sql query selektiert, wurde da manuell in der DB rumgespielt bei den Domains?

 

9 minutes ago, irisdina said:

"detail": "Error creating new order :: too many certificates already issued for exact set of domains:

und dann hier die antwort von let's encrypt...liegt also nicht an froxlor...das ist eine let's encrypt restriktion. Damit hast du deine Ursache

Share this post


Link to post
Share on other sites
  • 0
19 minutes ago, d00p said:

Das hier macht mich stutzig....das wird eindeutig in zeile 463 in der sql query selektiert, wurde da manuell in der DB rumgespielt bei den Domains?

 

und dann hier die antwort von let's encrypt...liegt also nicht an froxlor...das ist eine let's encrypt restriktion. Damit hast du deine Ursache

nope, an der DB hab ich direkt nichts gemacht.

Und ja, den Fehler habe ich auch gesehen, aber warum kann ich dann ohne probleme manuell mehrmals am tag das cert erstellen? ^^

Share this post


Link to post
Share on other sites
  • 0
1 minute ago, irisdina said:

Und ja, den Fehler habe ich auch gesehen, aber warum kann ich dann ohne probleme manuell mehrmals am tag das cert erstellen? ^

Ja offenbar ja nicht...

Froxlor nimmt nur Vorhandenes. Wenn für die Domain unter /root/.acme.sh/ was da ist wird's genommen. Sonst nicht. Issue und renew  sind acme.sh Sache. Froxlor stößt nur an und gleich seine Datenbank mit.den Dateien von acme.sh ab.

Share this post


Link to post
Share on other sites
  • 0

dann muss ich halt einige tage jetzt mal warten.

wie verhindere ich jetzt, wenn ich meine domains wieder dazu packe, das er mir für die froxlor url, das cert holt? 

Share this post


Link to post
Share on other sites
  • 0

wie verhindern? Ich glaube ich verstehe nicht ganz was dein gesamt-plan ist oder du erklärst es einfach nicht ausreichend. Willst du für eine Domain kein Let's Encrypt, dann deaktiviere Let's Encrypt für die Domain in den Domain-Settings.

Zusätzlich findest du hier vllt ein bisschen Info bzgl. den rate-limites von let's encrypt: https://letsencrypt.org/de/docs/rate-limits/

Share this post


Link to post
Share on other sites
  • 0
11 minutes ago, d00p said:

wie verhindern? Ich glaube ich verstehe nicht ganz was dein gesamt-plan ist oder du erklärst es einfach nicht ausreichend. Willst du für eine Domain kein Let's Encrypt, dann deaktiviere Let's Encrypt für die Domain in den Domain-Settings.

Zusätzlich findest du hier vllt ein bisschen Info bzgl. den rate-limites von let's encrypt: https://letsencrypt.org/de/docs/rate-limits/

hab die einstellungen gefunden. nur erstellt mir die acme.sh jetzt überhaupt kein cert mehr, egal für welche domain. wenn ich bei frox --force --debug mache.

Share this post


Link to post
Share on other sites
  • 0

Hast du let's encrypt jetzt global ausgemacht oder was? Sorry, ganz ehrlich, ich kann dir nicht wirklich folgen...

Share this post


Link to post
Share on other sites
  • 0
7 hours ago, d00p said:

Hast du let's encrypt jetzt global ausgemacht oder was? Sorry, ganz ehrlich, ich kann dir nicht wirklich folgen...

ja, habe per certbot einfach die zerts erstellt. probiere in einigen tagen dann nochmal mit der acme.sh und frox

 

Share this post


Link to post
Share on other sites
  • 0

Aaaaahja....sorry, bei so manuellem gefrickel ohne daß du was davon sagst kann ich nicht effektiv helfen.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...