Hi all, I'm getting the following errors when I try the update. It completes, and gets installed but I do not get the option to 'yes' for creating new certificates. Code: -------------------------------------------------------------------------------- _____ ___________ _____ __ _ ____ |_ _/ ___| ___ \ / __ \ / _(_) /__ \ | | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ / | | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ | _| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \ \___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/ __/ | |___/ -------------------------------------------------------------------------------- >> Update Operating System: CentOS 7.9 This application will update ISPConfig 3 on your server. Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: no Checking ISPConfig database .. OK Starting incremental database update. Loading SQL patch file: /tmp/update_runner.sh.toEe0NkXLM/install/sql/incremental/upd_dev_collection.sql Reconfigure Permissions in master database? (yes,no) [no]: Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it? (yes,no) [no]: Reconfigure Services? (yes,no,selected) [yes]: Configuring Postfix Configuring Dovecot Configuring Mailman Configuring Spamassassin Configuring Amavisd Configuring Getmail Configuring BIND Configuring Pureftpd Configuring nginx Configuring Apps vhost Configuring Jailkit Configuring Database Updating ISPConfig PHP Warning: symlink(): No such file or directory in /tmp/update_runner.sh.toEe0NkXLM/install/lib/installer_base.lib.php on line 2828 Certificate exists. Not creating a new one. which: no acme.sh in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) which: no acme.sh in (/usr/local/ispconfig/server/scripts) which: no acme.sh in (/root/.acme.sh) Reconfigure Crontab? (yes,no) [yes]: Updating Crontab Restarting services ... Update finished. I was really trying to get ispconfig update to fix a problem with my mail server... I'm getting the following error from swiftmailer when my application on this website tries to send an email out. Code: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed I have deleted and re-created the certs in /etc/letsencrypt but the error is still occuring. Any help would be Most Appreciate
It seems like you already have LE certs for your server but due to symlink fix not included in that version, that LE certs may not be properly symlinked. I would advise the use of git stable to fix in running the update that but may be you should wait for the developers' view on this.
I think that would work, my only hesitation is that there have been quite a few merges recently so less time testing newer code and you might get to help identify any new issues in it.
I guess the only question I have now would be ... how to install from git instead? also... the problem is on my production server. Happy to test if I can revert if something breaks.
Doh, Same problem... I'm not able to select 'yes' to re-create certificates Code: Please choose the update method. For production systems select 'stable'. WARNING: The update from GIT is only for development systems and may break your current setup. Do not use the GIT version on servers that host any live websites! Note: On Multiserver systems, enable maintenance mode and update your master server first. Then update all slave servers, and disable maintenance mode when all servers are updated. Select update method (stable,nightly,git-develop) [stable]: nightly Downloading ISPConfig update. Unpacking ISPConfig update. -------------------------------------------------------------------------------- _____ ___________ _____ __ _ ____ |_ _/ ___| ___ \ / __ \ / _(_) /__ \ | | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ / | | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ | _| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \ \___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/ __/ | |___/ -------------------------------------------------------------------------------- >> Update Operating System: CentOS Linux 7.9.2009 This application will update ISPConfig 3 on your server. Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]: yes Creating backup of "/usr/local/ispconfig" directory... Creating backup of "/etc" directory... Creating backup of "/etc/letsencrypt" directory... Checking ISPConfig database .. OK Starting incremental database update. Loading SQL patch file: /tmp/update_runner.sh.5heAlRJWup/install/sql/incremental/upd_0096.sql Loading SQL patch file: /tmp/update_runner.sh.5heAlRJWup/install/sql/incremental/upd_dev_collection.sql Reconfigure Permissions in master database? (yes,no) [no]: Service 'firewall_server' has been detected (currently disabled) do you want to enable and configure it? (yes,no) [no]: Reconfigure Services? (yes,no,selected) [yes]: Configuring Postfix Configuring Dovecot Configuring Mailman Configuring Spamassassin Configuring Amavisd Configuring Getmail Configuring BIND Configuring Pureftpd Configuring nginx Configuring Apps vhost Configuring Jailkit Configuring Database Updating ISPConfig PHP Warning: symlink(): No such file or directory in /tmp/update_runner.sh.5heAlRJWup/install/lib/installer_base.lib.php on line 2879 Certificate exists. Not creating a new one. which: no acme.sh in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) which: no acme.sh in (/usr/local/ispconfig/server/scripts) which: no acme.sh in (/root/.acme.sh) Reconfigure Crontab? (yes,no) [yes]: yes Updating Crontab Restarting services ... Update finished. Anything else I can try? And wondering why acme.sh is not found and causes a problem because it's not there? Thanks again
I guess he might just be using certbot, I've noticed the same message on a CentOS system yesterday that had certbot in place. my guess is that the which command on centOS behaves differently from Debian and Ubuntu and displays an error when nothing is found instead of just not returning the path as it does on Ubuntu and Debian. probably we have to change the command to ensure that this output is sent to /dev/null on CentOS.
@original_drew can you run these on your centos system and post the output? Code: which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt 2>/dev/null which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2>/dev/null command -v certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt | grep -v '^alias ' | head -1 command -v acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh | grep -v '^alias ' | head -1
Hi Thom, yup /etc/letsencrypt exists. Jesse, output is below Code: which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt /usr/bin/which: no certbot in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) /usr/bin/which: no letsencrypt in (/root/.local/share/letsencrypt/bin) /opt/eff.org/certbot/venv/bin/certbot /usr/bin/which: no letsencrypt in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) which certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt 2>/dev/null /opt/eff.org/certbot/venv/bin/certbot which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh /usr/bin/which: no acme.sh in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) /usr/bin/which: no acme.sh in (/usr/local/ispconfig/server/scripts) /usr/bin/which: no acme.sh in (/root/.acme.sh) which acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh 2>/dev/null (above returned nothing) command -v certbot /root/.local/share/letsencrypt/bin/letsencrypt /opt/eff.org/certbot/venv/bin/certbot letsencrypt | grep -v '^alias ' | head -1 /opt/eff.org/certbot/venv/bin/certbot command -v acme.sh /usr/local/ispconfig/server/scripts/acme.sh /root/.acme.sh/acme.sh | grep -v '^alias ' | head -1 (returned nothing as well)