Thanks for your answers.
I followed the "tuto" by fulltilt , and it's not mentionned but if you want the "line 134" to be commented in production, you also have to edit the file in your source dir.
I have to wait a day or 2 to renew the command cause I'm stuck with LetsEncrypt limits....
here's the output. :
So, I decide to do a new :
And the setup detects the cert for panel invalid : cf logCode
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl pkey -in /etc/imscp/imscp_services.pem -noout
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl verify -CAfile /etc/imscp/imscp_services.pem -purpose sslserver /etc/imscp/imscp_services.p em
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::OpenSSL::validateCertificate: /etc/imscp/imscp_services.pem: OK
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl pkey -in /etc/imscp/panel.cproinfo.fr.pem -noout
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl verify -CAfile /etc/imscp/panel.cproinfo.fr.pem -purpose sslserver /etc/imscp/panel.cproinfo.fr.pem
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::OpenSSL::validateCertificate: error /etc/imscp/panel.cproinfo.fr.pem: verification failed
- [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: /usr/bin/dialog --no-label No --no-shadow --ok-label Ok --help-label Help --colors --cancel-label B ack --exit-label Abort --backtitle 'i-MSCP - internet Multi Server Control Panel (1.5.3)' --yes-label Yes --title 'i-MSCP Installer Dialog' --msgbox '
- Your SSL certificate for the control panel is missing or invalid.
So I did after a :
So, when I connect I have the alert message tha CA is unknown... Click OK, the renew the certificate via LetsEncrypt option.
When I connect, all is fine, but when i ran :
But, if I run :
Is there a way to "remove" the "-CAfile /etc/...." part of the command ?
I followed this tutorial (which I need to adapt for me cause it doesn't work.. but it's anoter problem) : Listener::Named::Slave::Provisioning - Zonetransfer to Secondary Nameserver + Howto
In this tuto there's a new listener to register.
The command to achieve this is :
each time I ran this command, the setup detects my certificates for the panel and the services as invalid.
They are generated via the LetsEncrypt plugin.
My setup :
Debian 9 - up to date
iMSCP v 1.5.3 - last release
FQDN : web1.cproinfo.fr
Panel address : panel.cproinfo.fr
The log output (/var/log/imscp/imscp-setup.log) :Code
- [Sun Jun 5 02:47:05 2022] [debug] iMSCP::Execute::execute: openssl pkey -in /etc/imscp/imscp_services.pem -noout
- [Sun Jun 5 02:47:05 2022] [debug] iMSCP::Execute::execute: openssl verify -CAfile /etc/imscp/imscp_services.pem -purpose sslserver /etc/imscp/imscp_services.pem
- [Sun Jun 5 02:47:05 2022] [debug] iMSCP::OpenSSL::validateCertificate: error /etc/imscp/imscp_services.pem: verification failed
- [Sun Jun 5 02:47:05 2022] [debug] iMSCP::Execute::execute: /usr/bin/dialog --exit-label Abort --yes-label Yes --ok-label Ok --title 'i-MSCP Installer Dialog' --backtitle 'i-MSCP - internet Multi Server Control Panel (1.5.3)' --cancel-label Back --help-label Help --colors --no-label No --no-shadow --msgbox 'Your SSL certificate for the FTP and MAIL services is missing or invalid.
The certificate is generated today !
I already did :
to update the DB and change the preferred root CA...
In order to make this working again, I have to revoke the certs in the panel then generate new certs, and all is fine till next update....
Is it because I have 2 dns names for the services and for the panel ?
Am I missing another thing ?
Many thanks for your help.
The imscp_panel.swp file is a state file that has not been installed by i-MSCP. Somehow, you have surely edited the file using VIM editor. You can safetely remove that file.
I edited the "/etc/logrotate.d/imscp_panel" with vim to reduce log conservation to 5 weeks (was 52).
Thanks a lot.
I'll wait tomorrow to check if I receive a new notification mail.
Since few days, I got this error reported by mail.
error: .imscp_panel.swp:1 unknown option 'b' -- ignoring line
error: .imscp_panel.swp:2 lines must begin with a keyword or a filename (possibly in double quotes)
I don't know where to start my investigations.
Any help would be greatly appreciated.
Yes, normally the package is automatically installed but there is maybe a bug somewhere... I'll check on. And sorry, I answered too late each time... You were more fast than me...
I hope that this thread will help community.
As we say in our contry : A plus tard.
PS : comment faire pour marquer le thread en résolu ?
The smarthost listener listen to some events that are trigggered by thei-MSCP installer to install required distribution package (libsasl2-modules) and inject the required Postfix configuration stanza into the Posfix main.cf configuration file. Therefore, you need to rerun the i-MSCP installer to make the changes effective. From your i-MSCP archive, run: perl imscp-autoinstall -danv
Thanks NuxWin for the command line...
your one include installaing dependencies? is it right ?
So I found that I need to run the installer...
But now I got this error :
Here is part of the "main.cf"
Does anyone have an idea ?