Try a reconfiguration.
Posts by Nuxwin
-
-
Any LTS version >= 14.04 (Ubuntu 16.04 recommended)
You need wait for the next version which will be released end of december.
-
ok merci
i l est ou ce manuel sur le site
stéphan
Non mais sérieusement, il faudrait penser à en apprendre d'avantage... C'est la base...
https://en.wikipedia.org/wiki/Man_page
Je vous rapelle qu'on est pas la pour vous apprendre à administrer votre serveur
-
I have a custom billing system, and my online payment partner communicate with an old client with us...
That client not support SNI, and apache get back 403 error message:
[Tue Nov 06 08:39:05.759045 2018] [ssl:error] [pid 16618:tid 140185341699840] AH02033: No hostname was provided via SNI for a name based virtual host
I already talked to them, but they need development in they system... Meantime I need solution for this...
OK... The problem is that disabling SNI check in the vhost file that belongs to your billing system is not sufficient if that vhost is not seen as the default name-based vrtual host for the IP/PORT compound:
Quote from apache documentationThis directive sets whether a non-SNI client is allowed to access a name-based virtual host. If set to on in the default name-based virtual host, clients that are SNI unaware will not be allowed to access any virtual host, belonging to this particular IP / port combination. If set to on in any other virtual host, SNI unaware clients are not allowed to access this particular virtual host.
So here, you have two choices:
First choice
Disable SNI vhost checking globally. This can be done through the /etc/apache2/mods-available/ssl.conf file.
Second choice
Assign a dedicated IP for the billing site, then make sure that the IP is only set (used) for the vhost of the billing system, then disable SNI vhost check in the billing vhost. This could involve the creation of an i-MSCP customer for the billing system subdomain only. Regarding the SNI directive, you can add it into the /etc/apache2/imscp/<domain.tld> file for persistence.
-
Can I set SSLStrictSNIVHostCheck off somehow? I need this one of my site.
Before giving you any answer, I would want known why you need set the SNI vhost check off exactly.
-
-
Well, ifconfig show that the IP 84.200.83.93 is configured on the eth0 interface:
Code- eth0 Link encap:Ethernet Hardware Adresse 4c:cc:6a:89:03:a6
- inet Adresse:84.200.83.93 Bcast:84.200.83.255 Maske:255.255.255.0
- inet6-Adresse: fe80::4ecc:6aff:fe89:3a6/64 Gültigkeitsbereich:Verbindung
- UP BROADCAST RUNNING MULTICAST MTU:1500 Metrik:1
- RX-Pakete:7343336 Fehler:0 Verloren:0 Überläufe:0 Fenster:0
- TX-Pakete:110085 Fehler:0 Verloren:0 Überläufe:0 Träger:0
- Kollisionen:0 Sendewarteschlangenlänge:1000
- RX-Bytes:496522860 (496.5 MB) TX-Bytes:10613929 (10.6 MB)
I presume that it's the primary server IP. The problem is that in your /etc/network/interfaces file, that IP is not configured manually, and so, i-MSCP add a configuration stanza for it on an alias interface eth0:1001:
Of course, because the IP is already configured on the eth0 interface, this cannot work... Basically, you need to remove the above configuration stanza from your /etc/network/interfaces file and configure the IP manually. A stanza such as:
should be OK. Don't forget to replace <your_gateway> by your gateway. Once done, retry the upgrade.
-
Do you have configured the ETH Interface manually? Then, please also give us the full content of your /etc/network/interfaces file.
Content of your /etc/network/interfaces file please...
-
I've deleted your last answer. Please, use the right bbcode to suround your copy-past:
[code]bla bla bla[/code]
Thanks.
-
This is a bug in composer due to openssl1.1.1 version changes.... Please try the following:
- Remove the /var/local/imscp/composer.phar file manually
- Run the i-MSCP 1.5.3 version installer with the --clean-package-cache command line option.
Voir la page de manuel service(8)