Posts by cproinfo

  • v1.5.3 - Add custom DNS entries at domain creation or update

    Hi,


    I'm trying to have a www dNS record that does not have th same IP as the domain itself.

    I tried to get the listener listed here : https://github.com/i-MSCP/imsc…ed_override_default_rr.pl

    And did a

    # /var/www/imscp/engine/setup/imscp-reconfigure -dv

    then, add a custom DNS entry in the domain (in fact a domain alias) but, no luck, bind won't ork qith the file, as there's 2 "www" records.


    I also tried to modify the part file (/etc/imscp/bind/parts/db.tpl) to remove the www record, it worked, but if i modify an already existent domain, and there's no "www" custom DNS entry, it won't work anymore...


    As a solution, I think that modifying the "part file", and add a custom "www" DNS entry by default when creating or updating the domain would be sufficient.

    But I can't manage to find the right file to update.


    Any help would be appreciated.


    Many many thanks

  • Invalid certificate after update (to register a listener)

    Quote from joximu

    What gives a manual

    Code
    1. openssl verify -CAfile /etc/imscp/imscp_services.pem -purpose sslserver /etc/imscp/imscp_services.pem

    ??

    Hi.
    here's the output. :


    Code
    1. /etc/imscp/imscp_services.pem: OK


    So, I decide to do a new :


    Code
    1. cd /usr/local/src/imscp-1.5.3-2018120800/
    2. perl imscp-autoinstall -dasr named



    And the setup detects the cert for panel invalid : cf log

    Code
    1. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl pkey -in /etc/imscp/imscp_services.pem -noout
    2. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl verify -CAfile /etc/imscp/imscp_services.pem -purpose sslserver /etc/imscp/imscp_services.p em
    3. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::OpenSSL::validateCertificate: /etc/imscp/imscp_services.pem: OK
    4. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl pkey -in /etc/imscp/panel.cproinfo.fr.pem -noout
    5. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: openssl verify -CAfile /etc/imscp/panel.cproinfo.fr.pem -purpose sslserver /etc/imscp/panel.cproinfo.fr.pem
    6. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::OpenSSL::validateCertificate: error /etc/imscp/panel.cproinfo.fr.pem: verification failed
    7. [Tue Jun 7 02:43:15 2022] [debug] iMSCP::Execute::execute: /usr/bin/dialog --no-label No --no-shadow --ok-label Ok --help-label Help --colors --cancel-label B ack --exit-label Abort --backtitle 'i-MSCP - internet Multi Server Control Panel (1.5.3)' --yes-label Yes --title 'i-MSCP Installer Dialog' --msgbox '
    8. Your SSL certificate for the control panel is missing or invalid.



    So I did after a :

    Code
    1. openssl verify -CAfile /etc/imscp/panel.cproinfo.fr.pem -purpose sslserver /etc/imscp/panel.cproinfo.fr.pem
    2. /etc/imscp/panel.cproinfo.fr.pem: OK


    So, when I connect I have the alert message tha CA is unknown... Click OK, the renew the certificate via LetsEncrypt option.

    When I connect, all is fine, but when i ran :


    Code
    1. # openssl verify -CAfile /etc/imscp/panel.cproinfo.fr.pem -purpose sslserver /etc/imscp/panel.cproinfo.fr.pem
    2. O = Digital Signature Trust Co., CN = DST Root CA X3
    3. error 10 at 3 depth lookup: certificate has expired
    4. error /etc/imscp/panel.cproinfo.fr.pem: verification failed


    But, if I run :

    Code
    1. openssl verify -purpose sslserver /etc/imscp/panel.cproinfo.fr.pem
    2. /etc/imscp/panel.cproinfo.fr.pem: OK


    Is there a way to "remove" the "-CAfile /etc/...." part of the command ?

  • Invalid certificate after update (to register a listener)

    Hi everybody


    I followed this tutorial (which I need to adapt for me cause it doesn't work.. but it's anoter problem) : Listener::Named::Slave::Provisioning - Zonetransfer to Secondary Nameserver + Howto

    In this tuto there's a new listener to register.

    The command to achieve this is :

    Code
    1. cd /usr/local/src/imscp-1.5.3-2018120800/
    2. perl imscp-autoinstall -dasr named


    each time I ran this command, the setup detects my certificates for the panel and the services as invalid.

    They are generated via the LetsEncrypt plugin.


    My setup :

    Debian 9 - up to date

    iMSCP v 1.5.3 - last release

    FQDN : web1.cproinfo.fr

    Panel address : panel.cproinfo.fr



    The log output (/var/log/imscp/imscp-setup.log) :

    Code
    1. [Sun Jun 5 02:47:05 2022] [debug] iMSCP::Execute::execute: openssl pkey -in /etc/imscp/imscp_services.pem -noout
    2. [Sun Jun 5 02:47:05 2022] [debug] iMSCP::Execute::execute: openssl verify -CAfile /etc/imscp/imscp_services.pem -purpose sslserver /etc/imscp/imscp_services.pem
    3. [Sun Jun 5 02:47:05 2022] [debug] iMSCP::OpenSSL::validateCertificate: error /etc/imscp/imscp_services.pem: verification failed
    4. [Sun Jun 5 02:47:05 2022] [debug] iMSCP::Execute::execute: /usr/bin/dialog --exit-label Abort --yes-label Yes --ok-label Ok --title 'i-MSCP Installer Dialog' --backtitle 'i-MSCP - internet Multi Server Control Panel (1.5.3)' --cancel-label Back --help-label Help --colors --no-label No --no-shadow --msgbox 'Your SSL certificate for the FTP and MAIL services is missing or invalid.



    The certificate is generated today !

    I already did :

    Code
    1. dpkg-reconfigure ca-certificates

    to update the DB and change the preferred root CA...


    In order to make this working again, I have to revoke the certs in the panel then generate new certs, and all is fine till next update....


    Is it because I have 2 dns names for the services and for the panel ?

    Am I missing another thing ?


    Many thanks for your help.

  • logrotate error reported

    Quote from Nuxwin

    cproinfo


    The imscp_panel.swp file is a state file that has not been installed by i-MSCP. Somehow, you have surely edited the file using VIM editor. You can safetely remove that file.

    You're right.

    I edited the "/etc/logrotate.d/imscp_panel" with vim to reduce log conservation to 5 weeks (was 52).

    Thanks a lot.

    I'll wait tomorrow to check if I receive a new notification mail.

  • logrotate error reported

    Hi everybody


    Since few days, I got this error reported by mail.


    /etc/cron.daily/logrotate:
    error: .imscp_panel.swp:1 unknown option 'b' -- ignoring line
    error: .imscp_panel.swp:2 lines must begin with a keyword or a filename (possibly in double quotes)


    I don't know where to start my investigations.

    Any help would be greatly appreciated.


    Thansks

  • Use a RelayHost

    Quote from Nuxwin

    Yes, normally the package is automatically installed but there is maybe a bug somewhere... I'll check on. And sorry, I answered too late each time... You were more fast than me...

    You're Welcome.


    I hope that this thread will help community.


    As we say in our contry : A plus tard.


    PS : comment faire pour marquer le thread en résolu ?

  • Use a RelayHost

    Quote from Nuxwin

    The smarthost listener listen to some events that are trigggered by thei-MSCP installer to install required distribution package (libsasl2-modules) and inject the required Postfix configuration stanza into the Posfix main.cf configuration file. Therefore, you need to rerun the i-MSCP installer to make the changes effective. From your i-MSCP archive, run: perl imscp-autoinstall -danv

    Thanks NuxWin for the command line...

    your one include installaing dependencies? is it right ?

  • Use a RelayHost

    Hi All..

    As I found the solution, I share with the community.

    Note, when you have to use SASL in postfix, be sure to have libsasl2-modules installed on your system.


    Code
    1. # apt-get install libsasl2-modules


    And Voila !!!

    Sorry for the noise.