error 500 on ispconfig panel:

Discussion in 'General' started by Xzave, Mar 11, 2022.

  1. Xzave

    Xzave Member

    My control panel is out: error SSL_ERROR_RX_RECORD_TOO_LONG on Firefox.


    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 10 (buster)

    [INFO] uptime: 02:43:29 up 9:17, 1 user, load average: 0.07, 0.13, 0.13

    [INFO] memory:
    total used free shared buff/cache available
    Mem: 31Gi 3.8Gi 1.1Gi 432Mi 26Gi 26Gi
    Swap: 11Gi 4.0Mi 11Gi

    [INFO] ISPConfig is installed.

    ##### ISPCONFIG #####
    ISPConfig version is 3.2.7p1


    ##### VERSION CHECK #####

    [INFO] php (cli) version is 7.3.33-1+0~20211119.91+debian10~1.gbp618351
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.2.34

    ##### PORT CHECK #####

    [WARN] Port 22 (SSH server) seems NOT to be listening

    ##### MAIL SERVER CHECK #####


    ##### RUNNING SERVER PROCESSES #####

    [INFO] I found the following web server(s):
    Apache 2 (PID 30124)
    [INFO] I found the following mail server(s):
    Postfix (PID 23420)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 23624)
    [INFO] I found the following imap server(s):
    Dovecot (PID 23624)
    [INFO] I found the following ftp server(s):
    PureFTP (PID 23806)

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    ***.***.***.***:53 (23819/named)
    ***.***.***.***:53 (23819/named)
    ***.***.***.***:53 (23819/named)
    ***.***.***.***:53 (23819/named)
    ***.***.***.***:53 (23819/named)
    ***.***.***.***:53 (23819/named)
    ***.***.***.***:53 (23819/named)
    [localhost]:53 (23819/named)
    [anywhere]:21 (23806/pure-ftpd)
    [localhost]:953 (23819/named)
    [anywhere]:25 (23420/master)
    [anywhere]:993 (23624/dovecot)
    [anywhere]:5666 (995/nrpe)
    [anywhere]:995 (23624/dovecot)
    [localhost]:10024 (23568/amavisd-new)
    [localhost]:10025 (23420/master)
    [localhost]:10026 (23568/amavisd-new)
    [localhost]:3306 (23134/mariadbd)
    [localhost]:10027 (23420/master)
    [anywhere]:587 (23420/master)
    [anywhere]:6379 (834/redis-server)
    [localhost]:11211 (725/memcached)
    [anywhere]:110 (23624/dovecot)
    [anywhere]:143 (23624/dovecot)
    [anywhere]:465 (23420/master)
    [anywhere]:2257 (800/sshd)
    *:*:*:*::*:53 (23819/named)
    *:*:*:*::*:21 (23806/pure-ftpd)
    *:*:*:*::*:3128 (19639/(squid-1))
    *:*:*:*::*:953 (23819/named)
    *:*:*:*::*:25 (23420/master)
    *:*:*:*::*:443 (30124/apache2)
    *:*:*:*::*:7134 (1300/java)
    *:*:*:*::*:993 (23624/dovecot)
    *:*:*:*::*:5666 (995/nrpe)
    *:*:*:*::*:995 (23624/dovecot)
    *:*:*:*::*:10024 (23568/amavisd-new)
    *:*:*:*::*:10026 (23568/amavisd-new)
    *:*:*:*::*:587 (23420/master)
    [localhost]10 (23624/dovecot)
    [localhost]43 (23624/dovecot)
    *:*:*:*::*:8080 (30124/apache2)
    *:*:*:*::*:80 (30124/apache2)
    *:*:*:*::*:8081 (30124/apache2)
    *:*:*:*::*:465 (23420/master)
    *:*:*:*::*:2257 (800/sshd)




    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy DROP)
    target prot opt source destination
    DOCKER-USER all -- [anywhere]/0 [anywhere]/0
    DOCKER-ISOLATION-STAGE-1 all -- [anywhere]/0 [anywhere]/0
    ACCEPT all -- [anywhere]/0 [anywhere]/0 ctstate RELATED,ESTABLISHED
    DOCKER all -- [anywhere]/0 [anywhere]/0
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    ACCEPT all -- [anywhere]/0 [anywhere]/0

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain DOCKER (1 references)
    target prot opt source destination

    Chain DOCKER-ISOLATION-STAGE-1 (1 references)
    target prot opt source destination
    DOCKER-ISOLATION-STAGE-2 all -- [anywhere]/0 [anywhere]/0
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain DOCKER-ISOLATION-STAGE-2 (1 references)
    target prot opt source destination
    DROP all -- [anywhere]/0 [anywhere]/0
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain DOCKER-USER (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Code:
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.3.33-1+0~20211119.91+debian10~1.gbp618351
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.2.34
    Fix the default PHP version for the OS back to original.
    Code:
    update-alternatives --config php
    update-alternatives --config php-cgi
     
  3. Xzave

    Xzave Member

    My OS is Debian 10, then I changed to php7.3 and php-cgi 7.3 too.
    All my websites are down, ISPConfig is down, apache2 doesn't restart.

    apache2 log
    Code:
    [Fri Mar 11 15:54:26.333964 2022] [ssl:warn] [pid 31617:tid 140557146440832] AH01906: ns3129236.ip-188-165-214.eu:443:0 server certificate is a CA certifica$
    [Fri Mar 11 15:54:26.334135 2022] [ssl:error] [pid 31617:tid 140557146440832] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate! [subject: $
    [Fri Mar 11 15:54:26.334149 2022] [ssl:error] [pid 31617:tid 140557146440832] AH02604: Unable to configure certificate ns3129236.ip-188-165-214.eu:443:0 for$
    [Fri Mar 11 15:54:26.334566 2022] [ssl:emerg] [pid 31617:tid 140557146440832] AH02311: Fatal error initialising mod_ssl, exiting. See /var/log/ispconfig/htt$
    AH00016: Configuration Failed
    
    
    [ 2022-03-11 15:54:26.3564 31623/7f28bffff700 age/Cor/CoreMain.cpp:532 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to force $
    [ 2022-03-11 15:54:26.3564 31630/7f3d947ff700 age/Ust/UstRouterMain.cpp:422 ]: Signal received. Gracefully shutting down... (send signal 2 more time(s) to f$
    [ 2022-03-11 15:54:26.3564 31623/7f28ccf56980 age/Cor/CoreMain.cpp:901 ]: Received command to shutdown gracefully. Waiting until all clients have disconnect$
    [ 2022-03-11 15:54:26.3565 31630/7f3d948b7980 age/Ust/UstRouterMain.cpp:492 ]: Received command to shutdown gracefully. Waiting until all clients have disco$
    [ 2022-03-11 15:54:26.3567 31630/7f3d947ff700 Ser/Server.h:464 ]: [UstRouter] Shutdown finished
    

    New report

    Code:
    ##### SCRIPT FINISHED #####
    Results can be found in htf_report.txt
    To view results use your favourite text editor or type 'cat htf_report.txt | more' on the server console.
    
    If you want to see the non-anonymized output start the script with --debug as parameter (php -q htf-common-issues.php --debug).
    
    root@ns3129236:/etc/apache2/sites-enabled# cat htf_report.txt | more
    
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Debian GNU/Linux 10 (buster)
    
    [INFO] uptime:  16:03:17 up 12:22,  1 user,  load average: 0.18, 0.19, 0.18
    
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:           31Gi       3.1Gi        23Gi       508Mi       5.1Gi        27Gi
    Swap:          11Gi          0B        11Gi
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.7p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.3.33-1+0~20211119.91+debian10~1.gbp618351
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.3.33
    
    ##### PORT CHECK #####
    
    [WARN] Port 8080 (ISPConfig) seems NOT to be listening
    [WARN] Port 8081 (ISPConfig Apps) seems NOT to be listening
    [WARN] Port 80 (Webserver) seems NOT to be listening
    [WARN] Port 443 (Webserver SSL) seems NOT to be listening
    [WARN] Port 22 (SSH server) seems NOT to be listening
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [WARN] I could not determine which web server is running.
    [INFO] I found the following mail server(s):
            Postfix (PID 30733)
    [INFO] I found the following pop3 server(s):
            Dovecot (PID 30991)
    [INFO] I found the following imap server(s):
            Dovecot (PID 30991)
    [INFO] I found the following ftp server(s):
            PureFTP (PID 31070)
    
    ##### LISTENING PORTS #####
    (only           ()
    Local           (Address)
    [localhost]:953         (31092/named)
    [anywhere]:25           (30733/master)
    [anywhere]:993          (30991/dovecot)
    [anywhere]:5666         (884/nrpe)
    [anywhere]:995          (30991/dovecot)
    [localhost]:10024               (30881/amavisd-new)
    [localhost]:10025               (30733/master)
    [localhost]:10026               (30881/amavisd-new)
    [localhost]:3306                (30418/mariadbd)
    [localhost]:10027               (30733/master)
    [anywhere]:587          (30733/master)
    [localhost]:11211               (760/memcached)
    [anywhere]:6379         (856/redis-server)
    [anywhere]:110          (30991/dovecot)
    [anywhere]:143          (30991/dovecot)
    [anywhere]:465          (30733/master)
    [anywhere]:2257         (866/sshd)
    ***.***.***.***:53              (31092/named)
    ***.***.***.***:53              (31092/named)
    ***.***.***.***:53              (31092/named)
    ***.***.***.***:53              (31092/named)
    ***.***.***.***:53              (31092/named)
    ***.***.***.***:53              (31092/named)
    ***.***.***.***:53              (31092/named)
    [localhost]:53          (31092/named)
    [anywhere]:21           (31070/pure-ftpd)
    *:*:*:*::*:3128         (1123/(squid-1))
    *:*:*:*::*:953          (31092/named)
    *:*:*:*::*:25           (30733/master)
    *:*:*:*::*:7134         (1505/java)
    *:*:*:*::*:993          (30991/dovecot)
    *:*:*:*::*:5666         (884/nrpe)
    *:*:*:*::*:995          (30991/dovecot)
    *:*:*:*::*:10024                (30881/amavisd-new)
    *:*:*:*::*:10026                (30881/amavisd-new)
    *:*:*:*::*:587          (30733/master)
    [localhost]10           (30991/dovecot)
    [localhost]43           (30991/dovecot)
    *:*:*:*::*:465          (30733/master)
    *:*:*:*::*:2257         (866/sshd)
    *:*:*:*::*:53           (31092/named)
    *:*:*:*::*:21           (31070/pure-ftpd)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    f2b-pureftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    DOCKER-USER  all  --  [anywhere]/0            [anywhere]/0
    DOCKER-ISOLATION-STAGE-1  all  --  [anywhere]/0            [anywhere]/0
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    DOCKER     all  --  [anywhere]/0            [anywhere]/0
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    
    Chain f2b-pureftpd (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain DOCKER (1 references)
    target     prot opt source               destination
    
    Chain DOCKER-ISOLATION-STAGE-1 (1 references)
    target     prot opt source               destination
    DOCKER-ISOLATION-STAGE-2  all  --  [anywhere]/0            [anywhere]/0
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain DOCKER-ISOLATION-STAGE-2 (1 references)
    target     prot opt source               destination
    DROP       all  --  [anywhere]/0            [anywhere]/0
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
    Chain DOCKER-USER (1 references)
    target     prot opt source               destination
    RETURN     all  --  [anywhere]/0            [anywhere]/0
    
     
  4. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    You could disable or delete the vhost file for ns3129236.ip-188-165-214.eu and see if apache will start, then work on fixing the certificate setup in that site.
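
An added example, not part of the original thread or of ISPConfig's own tooling: one way to find which vhost file to disable, by reading the name and port from the AH02604 line in the Apache error log and locating the `<VirtualHost>` block that serves it. The function names, the `host.example.test` placeholder and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample modelled on the Apache log excerpt in the thread;
# host.example.test is a placeholder and the messages are shortened.
sample_log() {
cat <<'EOF'
[Fri Mar 11 15:54:26 2022] [ssl:warn] [pid 1:tid 1] AH01906: host.example.test:443:0 server certificate is a CA certificate
[Fri Mar 11 15:54:26 2022] [ssl:error] [pid 1:tid 1] AH02217: ssl_stapling_init_cert: can't retrieve issuer certificate!
[Fri Mar 11 15:54:26 2022] [ssl:error] [pid 1:tid 1] AH02604: Unable to configure certificate host.example.test:443:0 for stapling
[Fri Mar 11 15:54:26 2022] [ssl:emerg] [pid 1:tid 1] AH02311: Fatal error initialising mod_ssl, exiting.
EOF
}

# True when the log on stdin shows mod_ssl aborting server startup.
startup_aborted() { grep -q 'AH02311:'; }

# Print "name port" for each certificate mod_ssl could not configure.
failing_vhosts() {
    sed -n 's/.*AH02604: Unable to configure certificate \([^: ]*\):\([0-9]*\):[0-9]* .*/\1 \2/p' | sort -u
}

# List files in directory $3 that set ServerName/ServerAlias $1 inside a
# <VirtualHost ...:$2> block. Names are compared as plain strings, so the
# dots in a host name are not treated as regex wildcards.
vhost_files_for() {
    for f in "$3"/*; do
        [ -f "$f" ] || continue
        awk -v name="$1" -v port="$2" '
            tolower($1) == "<virtualhost" {
                inblock = 0
                for (i = 2; i <= NF; i++) {
                    a = $i; sub(/>$/, "", a)
                    if (a ~ (":" port "$")) inblock = 1
                }
            }
            tolower($1) == "</virtualhost>" { inblock = 0 }
            inblock && tolower($1) ~ /^server(name|alias)$/ {
                for (i = 2; i <= NF; i++) if ($i == name) hit = 1
            }
            END { exit !hit }
        ' "$f" && printf '%s\n' "$f"
    done
    return 0
}

# Report, for error log $1 and vhost directory $2, which files to inspect.
triage() {
    startup_aborted < "$1" || { echo "no mod_ssl startup abort in log"; return 0; }
    failing_vhosts < "$1" | while read -r name port; do
        echo "certificate for $name:$port failed; defined in:"
        vhost_files_for "$name" "$port" "$2" | sed 's/^/  /'
    done
}

# Demo on constructed files; on a server, pass the real log and vhost directory.
demo_dir=$(mktemp -d)
mkdir "$demo_dir/sites"
sample_log > "$demo_dir/error.log"
printf '<VirtualHost *:443>\n  ServerName host.example.test\n</VirtualHost>\n' > "$demo_dir/sites/site-a.vhost"
triage "$demo_dir/error.log" "$demo_dir/sites"
rm -rf "$demo_dir"
```

If no file is listed, the failing vhost has no ServerName of its own and inherits the server-wide one, so look at the `<VirtualHost>` blocks on that port that lack a ServerName.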
     
  5. Xzave

    Xzave Member

    First, I verified the apache2 syntax with configtest and I found an error on line 225, which I fixed. Because I upgraded dovecot I have many problems with certificates. Now apache2 runs.
    But it is not possible to restart my ISPConfig; all the sites redirect to the apache index file.
    Then I tried to fix it with
    Code:
    ispconfig_update.sh --force
    but I have an error in the self certificate:

    Code:
    Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
      Domain: ns3129236.ip-188-165-214.eu
      Type:   connection
      Detail: Fetching http://ns3129236.ip-188-165-214.eu/.well-known/acme-challenge/uy7QcJDbuF1aEt1NE4p1Tywh9axWlJtsyMbe1Z8wzuo: Connection refused
    
    Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from
    this command line
    ls -la /usr/local/ispconfig/interface/ssl/
    Code:
    drwxr-s--- 2 root      root      4096 Mar 11 19:37 .
    drwxr-s--- 9 ispconfig ispconfig 4096 Aug 11  2020 ..
    -rwxr-x--- 1 root      root        45 Mar 11 19:37 empty.dir
    -rwxr-x--- 1 root      root      1939 Mar 11 19:37 ispserver.crt
    -rwxr-x--- 1 root      root      1476 Aug 11  2020 ispserver.crt-200812173355.bak
    -rwxr-x--- 1 root      root      1557 Aug 11  2020 ispserver.csr
    -rwxr-x--- 1 root      root      3272 Mar 11 19:37 ispserver.key
    -rwxr-x--- 1 root      root      1704 Aug 11  2020 ispserver.key-200812173402.bak
    -rwxr-x--- 1 root      root      3311 Aug 11  2020 ispserver.key.secure
    -rwxr-x--- 1 root      root      5211 Mar 11 19:37 ispserver.pem
    -rwxr-x--- 1 root      root      3063 Mar 11 01:00 ispserver.pem-20220311010035.bak
    
     
    Last edited: Mar 11, 2022
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    It would be best to assign your server a better hostname, the hostname of the system should be a subdomain of a domain you own like server1.yourdomain.tld, and this subdomain must point to your system in DNS with a DNS A-Record so that it's accessible from the internet. Then you must ensure that your system can be reached from the internet and apache must be running, you won't get an SSL cert issued from Let's encrypt when apache is down.

    There is also a Let's Encrypt error FAQ that explains in detail which requirements must be met to get a Let's Encrypt SSL cert:

    https://www.howtoforge.com/community/threads/lets-encrypt-error-faq.74179/
     
  7. Xzave

    Xzave Member

    apache2 runs now, certbot is updated, and I read the FAQ.
    When I try to recreate a new certificate with a forced ISPConfig update, I get an error. How can I restart? Because when I force the update to renew the certificate, apache shuts down at the end of the process.
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    See Jesse's post above, you must disable that vhost.
     
