Let's Encrypt for VestaCP System (8083) and exim4 Topic is solved

Section with additional software for Vesta
mehargags
Moderators
Posts: 786
Joined: Sat Sep 06, 2014 9:58 pm
Contact:

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby mehargags » Sat Sep 30, 2017 9:09 am

@JakeTheDog420:
Such discouraging statements only show your innocence and unfamiliarity with the Linux system.

As my friend ScIT mentioned...this is an actively involved community... FREE Service... not paid for the time and efforts involved here. So do not compare this with the Spoon-fed bloatware yet expensive shit like cPanel. Infact I feel VestaCP is the only free Web Panel after Webmin to actually provide such an easy interface yet also LEARN Linux and the underlying configs.

Please do keep patience and read. Do not shame the community for not being active, we are trying our best with the time and efforts we have.

JakeTheDog420
Posts: 14
Joined: Sun Sep 24, 2017 6:00 am

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby JakeTheDog420 » Mon Oct 16, 2017 6:05 pm

mehargags wrote:@JakeTheDog420:
Such discouraging statements only show your innocence and unfamiliarity with the Linux system.

As my friend ScIT mentioned...this is an actively involved community... FREE Service... not paid for the time and efforts involved here. So do not compare this with the Spoon-fed bloatware yet expensive shit like cPanel. Infact I feel VestaCP is the only free Web Panel after Webmin to actually provide such an easy interface yet also LEARN Linux and the underlying configs.

Please do keep patience and read. Do not shame the community for not being active, we are trying our best with the time and efforts we have.


I wasn't trying to shame the community simply pointing out the fact its a shame it isn't more active. I understand you're trying your best with your time please don't take my message offensively. And you are correct I am unfamiliar with linux but I am trying to learn.

Also ScIT please could you go into further detail about the key mismatch? It seems my problem hasn't gone away and I'm trying now to figure a way to fix it without having to start fresh as I have some site files and email accounts configured I dont want to loose.

I think I may have removed the default domain and now it hasnt refreshed the certificate like you said but I am not 100%... What's the best route I can take to get back into vestacp? port 8083 is being refused and when I try to restart the service through terminal I get this error.

Code: Select all

[....] Restarting vesta-nginx: vesta-nginxnginx: [emerg] SSL_CTX_use_PrivateKey_file("/usr/local/vesta/ssl/certificate.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)


Thanks for your help, apologies if you took my last message in the wrong tone. If anything I was talking positively of VestaCP by saying how much of a shame it is the community isn't more alive as it deserves to be.

All the best
JakeTheDog

JakeTheDog420
Posts: 14
Joined: Sun Sep 24, 2017 6:00 am

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby JakeTheDog420 » Wed Oct 25, 2017 4:46 pm

ScIT wrote:
JakeTheDog420 wrote:Shame this forum isn't more active I feel like vesta has a lot to offer but without an active community many people probably move to cpanel or possibly even other free options with more active communities.. Anyway I'll post this in the other places I saw similar issues where I posted looking for help here so maybe it can help others (Y)

The forum is not inactiv, here is still life :).
JakeTheDog420 wrote:Starting vesta-nginx: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/usr/local/vesta/ssl/certificate.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

For the missmatch problem it is quite simple: The published script just compares and copy the cert files, like you wrote on your post (you do just the steps manualy, missed to set the permission).

The script is only a few lines long and also do not use complicated commands. So if you configure it properly (set the right user and domain name) the script will work without any troubles. Also you should not delete the web domain you used for the let's encrypt domain. otherwise the cert will not be refreshed anymore.

For VestaCP there is a bit of linux base knowledge needed, to understand his processes and how it is working. Maybe have a look at the script, try to understand what it does and also maybe why it could not work on your system (or why it stopped working after some time).



I realised the issue is with your script do you think you'd be able to tell me the correct commands to use im place of your script?

I'm running on a Debian 7 server I think although it might be debian 8 now...

I get the following error emailed to me from the cron job...

Code: Select all

/etc/cron.daily/exim4-base:
LOG: MAIN
  Warning: purging the environment.
 Suggested action: use keep_environment.
/etc/cron.daily/vesta_ssl:
/etc/cron.daily/vesta_ssl: line 5: if: command not found
/etc/cron.daily/vesta_ssl: line 6: /home/admin/conf/web/ssl.REDACTED.com.pem: Permission denied
cp: missing destination file operand after `/home/admin/conf/web/ssl.REDACTED.com.key'
Try `cp --help' for more information.
chown: missing operand after `root:mail'
Try `chown --help' for more information.


I also get more or less the same errors running vesta_ssl manually.

To get the mismatch to work I do parts of the script manually which works. Its the automation part of your script which is broken/not set up for this OS maybe?

Code: Select all

      cp $cert_src $cert_dst

        # Copy Keyfile
        cp $key_src $key_dst

        # Change Permission
        chown root:mail $cert_dst
        chown root:mail $key_dst

        # Restart Services
        service vesta restart &> /dev/null
        service exim4 restart &> /dev/null


These commands work but as I'm doing them manually I don't use variables I just type the full destination that the scripts variables would have given it.

Its the if statements etc that aren't being recognised I think so yes any help would be greatly appreciated as currently I just have to wait for the sites control panel to randomly stop working then issue a new certificate and manually do these commands myself...

Didn't have these issues prior to using your script..

Thanks in advance

mehargags
Moderators
Posts: 786
Joined: Sat Sep 06, 2014 9:58 pm
Contact:

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby mehargags » Thu Oct 26, 2017 7:15 am

For the Exim environment error you are getting
run

Code: Select all

exim4 -bP | grep environment

if you get " Warning: purging the environment."

Code: Select all

nano /etc/exim4/exim4.conf.template

and at the top put this

Code: Select all

   add_environment=<; PATH=/bin:/usr/bin
   keep_environment=

JakeTheDog420
Posts: 14
Joined: Sun Sep 24, 2017 6:00 am

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby JakeTheDog420 » Thu Oct 26, 2017 7:36 pm

mehargags wrote:For the Exim environment error you are getting
run

Code: Select all

exim4 -bP | grep environment

if you get " Warning: purging the environment."

Code: Select all

nano /etc/exim4/exim4.conf.template

and at the top put this

Code: Select all

   add_environment=<; PATH=/bin:/usr/bin
   keep_environment=


Amazing thank you! This basically fixed my issue! From here I was able to figure out the remaining issue with the script! Seems the if statement was copied wrong so was on the same line as the previous command! Now I spaced it all out correctly along with the code you told me to add I restarted exim and tried running ./vesta_ssl manually and got NO errors at all! Not sure if this fixes my SSL issue long-term only time will tell for that but your fix is greatly appreciated!! :)

Hope there's no hard feelings between us!

sifur
Posts: 24
Joined: Mon Dec 28, 2015 10:43 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby sifur » Wed Nov 01, 2017 10:29 am

Hello,
I added this script to /etc/cron.daily manually using SFTP, I checked permission, double checked the script options.
Unfortunately, I can't see any changes. No error, No success!

I'm using Ubuntu 16, with Vesta installer script default configuration (Apache, Nginx, PHP7)

Is this script still working please?

ScIT
Posts: 265
Joined: Mon Feb 23, 2015 4:13 pm

Re: Let's Encrypt for VestaCP System (8083) and exim4

Postby ScIT » Thu Nov 09, 2017 8:16 am

sifur wrote:Hello,
I added this script to /etc/cron.daily manually using SFTP, I checked permission, double checked the script options.
Unfortunately, I can't see any changes. No error, No success!

I'm using Ubuntu 16, with Vesta installer script default configuration (Apache, Nginx, PHP7)

Is this script still working please?

The script is working, please use ssh to check if it works when you run it manualy ./vesta_ssl.


Return to “3rd Party Software”



Who is online

Users browsing this forum: No registered users and 2 guests