Error installing update to 3.2.7p1

Discussion in 'Installation/Configuration' started by original_drew, Mar 13, 2022.

  1. original_drew

    original_drew New Member

    Hi all,
    I'm getting the following errors when I try the update. It completes, and gets installed but I do not get the option to 'yes' for creating new certificates.

    Code:
    --------------------------------------------------------------------------------
     _____ ___________   _____              __ _         ____
    |_   _/  ___| ___ \ /  __ \            / _(_)       /__  \
      | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _    _/ /
      | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |  |_ |
     _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| | ___\ \
     \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, | \____/
                                                  __/ |
                                                 |___/
    --------------------------------------------------------------------------------
    
    
    >> Update
    
    Operating System: CentOS 7.9
    
    This application will update ISPConfig 3 on your server.
    
    Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: no
    
    Checking ISPConfig database .. OK
    Starting incremental database update.
    Loading SQL patch file: /tmp/update_runner.sh.toEe0NkXLM/install/sql/incremental/upd_dev_collection.sql
    Reconfigure Permissions in master database? (yes,no) [no]:
    
    Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it?  (yes,no) [no]:
    
    Reconfigure Services? (yes,no,selected) [yes]:
    
    Configuring Postfix
    Configuring Dovecot
    Configuring Mailman
    Configuring Spamassassin
    Configuring Amavisd
    Configuring Getmail
    Configuring BIND
    Configuring Pureftpd
    Configuring nginx
    Configuring Apps vhost
    Configuring Jailkit
    Configuring Database
    Updating ISPConfig
    PHP Warning:  symlink(): No such file or directory in /tmp/update_runner.sh.toEe0NkXLM/install/lib/installer_base.lib.php on line 2828
    Certificate exists. Not creating a new one.
    which: no acme.sh in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
    which: no acme.sh in (/usr/local/ispconfig/server/scripts)
    which: no acme.sh in (/root/.acme.sh)
    Reconfigure Crontab? (yes,no) [yes]:
    
    Updating Crontab
    Restarting services ...
    Update finished.
    I was really trying to get ispconfig update to fix a problem with my mail server... I'm getting the following error from swiftmailer when my application on this website tries to send an email out.

    Code:
    stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
    error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
    I have deleted and re-created the certs in /etc/letsencrypt but the error is still occuring.

    Any help would be Most Appreciate
     
  2. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    It seems like you already have LE certs for your server but due to symlink fix not included in that version, that LE certs may not be properly symlinked. I would advise the use of git stable to fix in running the update that but may be you should wait for the developers' view on this.
     
  3. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    I think that would work, my only hesitation is that there have been quite a few merges recently so less time testing newer code and you might get to help identify any new issues in it. :)
     
  4. original_drew

    original_drew New Member

    I guess the only question I have now would be ... how to install from git instead? also... the problem is on my production server. Happy to test if I can revert if something breaks.
     
  5. ahrasis

    ahrasis Well-Known Member HowtoForge Supporter

    Run ispconfig_update.sh and choose nightly (the new name for git-stable).
     
  6. original_drew

    original_drew New Member

    Doh,
    Same problem... I'm not able to select 'yes' to re-create certificates :(
    Code:
    Please choose the update method. For production systems select 'stable'.
    WARNING: The update from GIT is only for development systems and may break your current setup. Do not use the GIT version on servers that host any live websites!
    Note: On Multiserver systems, enable maintenance mode and update your master server first. Then update all slave servers, and disable maintenance mode when all servers are updated.
    
    Select update method (stable,nightly,git-develop) [stable]: nightly
    
    Downloading ISPConfig update.
    Unpacking ISPConfig update.
    
    
    --------------------------------------------------------------------------------
     _____ ___________   _____              __ _         ____
    |_   _/  ___| ___ \ /  __ \            / _(_)       /__  \
      | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _    _/ /
      | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |  |_ |
     _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| | ___\ \
     \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, | \____/
                                                  __/ |
                                                 |___/
    --------------------------------------------------------------------------------
    
    
    >> Update
    
    Operating System: CentOS Linux 7.9.2009
    
    This application will update ISPConfig 3 on your server.
    
    Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: yes
    
    Creating backup of "/usr/local/ispconfig" directory...
    Creating backup of "/etc" directory...
    Creating backup of "/etc/letsencrypt" directory...
    Checking ISPConfig database .. OK
    Starting incremental database update.
    Loading SQL patch file: /tmp/update_runner.sh.5heAlRJWup/install/sql/incremental/upd_0096.sql
    Loading SQL patch file: /tmp/update_runner.sh.5heAlRJWup/install/sql/incremental/upd_dev_collection.sql
    Reconfigure Permissions in master database? (yes,no) [no]:
    
    Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it?  (yes,no) [no]:
    
    Reconfigure Services? (yes,no,selected) [yes]:
    
    Configuring Postfix
    Configuring Dovecot
    Configuring Mailman
    Configuring Spamassassin
    Configuring Amavisd
    Configuring Getmail
    Configuring BIND
    Configuring Pureftpd
    Configuring nginx
    Configuring Apps vhost
    Configuring Jailkit
    Configuring Database
    Updating ISPConfig
    PHP Warning:  symlink(): No such file or directory in /tmp/update_runner.sh.5heAlRJWup/install/lib/installer_base.lib.php on line 2879
    Certificate exists. Not creating a new one.
    which: no acme.sh in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
    which: no acme.sh in (/usr/local/ispconfig/server/scripts)
    which: no acme.sh in (/root/.acme.sh)
    Reconfigure Crontab? (yes,no) [yes]: yes
    
    Updating Crontab
    Restarting services ...
    Update finished.
    Anything else I can try? And wondering why acme.sh is not found and causes a problem because it's not there?

    Thanks again
     
    Last edited: Mar 24, 2022
  7. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Does /root/.acme.sh or /etc/letsencrypt exist?
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    I guess he might just be using certbot, I've noticed the same message on a CentOS system yesterday that had certbot in place. my guess is that the which command on centOS behaves differently from Debian and Ubuntu and displays an error when nothing is found instead of just not returning the path as it does on Ubuntu and Debian. probably we have to change the command to ensure that this output is sent to /dev/null on CentOS.
     
  9. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    @original_drew can you run these on your centos system and post the output?

    Code:
    which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt
    which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt 2>/dev/null
    which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh
    which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2>/dev/null
    command -v certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt | grep -v '^alias ' | head -1
    command -v acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh | grep -v '^alias ' | head -1
    
     
  10. original_drew

    original_drew New Member

    Hi Thom, yup /etc/letsencrypt exists.

    Jesse, output is below
    Code:
    which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt
    /usr/bin/which: no certbot in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
    /usr/bin/which: no letsencrypt in (/root/.local/share/letsencrypt/bin)
    /opt/eff.org/certbot/venv/bin/certbot
    /usr/bin/which: no letsencrypt in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
    
    which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt 2>/dev/null
    /opt/eff.org/certbot/venv/bin/certbot
    
    which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh
    /usr/bin/which: no acme.sh in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin)
    /usr/bin/which: no acme.sh in (/usr/local/ispconfig/server/scripts)
    /usr/bin/which: no acme.sh in (/root/.acme.sh)
    
    which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2>/dev/null
    (above returned nothing)
    
    command -v certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt | grep -v '^alias ' | head -1
    /opt/eff.org/certbot/venv/bin/certbot
    
    command -v acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh | grep -v '^alias ' | head -1
    (returned nothing as well)
    
     
    Last edited: Mar 24, 2022
    Jesse Norell likes this.
  11. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

Share This Page