New Install - Panel Error - SSL_ERROR_RX_RECORD_TOO_LONG

Hi,

I am having an issue with a fairly new (last seven days) server: -

Debian 11
All services installed -- including NGINX

A couple of websites installed and they are all working fine.

Panel on port 8080 has been working all OK for the last week. However I am now getting: -

Code:

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

when trying to access the panel.

I have tried to

Code:

ispconfig_update.sh --force

and answered yes to

Code:

Create new ISPConfig SSL certificate (yes,no) [no]: == YES

Still no joy.

Could anyone help me out please?

Many thanks and kind regards

HTA

 

Hi Till,

Many thanks for your time.

Can confirm that it is https://

We are also unable to connect to: -
https://panel.**************com:8080/munin/
https://panel.**************.com:2812

as we get the same error message

Kind regards

HTA

 

Just for completeness here are my selections when running the update: -

Code:

ispconfig_update.sh --force
Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes] == YES
Reconfigure Permissions in master database? (yes,no) [no]: == NO
Reconfigure Services? (yes,no,selected) [yes]: == YES
ISPConfig Port [8080]: == 8080
Create new ISPConfig SSL certificate (yes,no) [no]: == YES
Symlink ISPConfig SSL certs to Postfix? (y,n) [y]: == YES
Symlink ISPConfig SSL certs to Pure-FTPd? Creating dhparam file may take some time. (y,n) [y]: == YES
Reconfigure Crontab? (yes,no) [yes]: == YES

Many thanks and kind regards to all

HTA

 

If I try and connect with http:// it takes me to the first website and shows https://**************.com which is a live site?

Code:

http://panel..**************.com:8080/ >> https://**************.com

 

https://www.howtoforge.com/community/threads/please-read-before-posting.58408/
That has item on "When visiting domain B, contents of domain A are showing." My guess is some domains have failed to get a working certificate. Or website settings have IP-number for some, and * for some. Examine logs.

 

@Taleman Hi, thanks for the advice.

The issue is I cannot get to the Panel to check the IP's of the other sites as I cannot access it!

But you got me thinking...

I've just check another dev server where I did a clean install yesterday using the auto-install script and checking System >> Server Config I see that the IP Address: field is set to 127.0.1.1

As I was reading the Perfect Server Automated ISPConfig 3 Installation on Debian 10 - 11 and Ubuntu 20.04 I remember thinking that in nano /etc/hosts it was odd to have 127.0.1.1 instead of the real ip address. I have just re-read the guide again and can see it's a bit ambiguous TBH. It really should say, for idiots like me "Change 127.0.1.1 to your own IP Address"

So, as I cannot access the panel how can I change the server IP address in the database to get the panel working?

Once again thanks for pointing me in the right direct (I think).

Kind regards

HTA

 

Do not change that.
Instead if /etc/hosts -file is wrong, login as root on terminal and change the file.

 

Thanks @Taleman - have done that but still cannot connect to the panel? Same error.

Should I run ispconfig_update.sh --force again do you think?

 

Just tried running ispconfig_update.sh --force and got the following. Is answering this with NO the correct thing to do?

Code:

Checking / creating certificate for main.*************.com
Using certificate path /root/.acme.sh/main.*************.com
Server's public ip(s) (123.123.123.123) not found in A/AAAA records for main.*************.com:
Ignore DNS check and continue to request certificate? (y,n) [n]:

It's just that I don't want to break the site as currently there is about 12k people using it!

Many thanks

HTA

 

@till Yes DNS works all OK and points with an A-Record to main.*************.com.

Thank you

HTA

 

Hi all,

I made the necessary changes to /etc/hosts yesterday and of course still the original errors.

The client manages the DNS via Cloudflare and assures me all is well. Thinking about it it must be OK as we could access the panel from all locations over the past week.

My question is if I run ispconfig_update.sh --force will I cause problems with the live sites?

Many thanks for all the help

Regards

HTA

 

@Jesse Norell and @till Many thanks for your kind help - I appreciate it very much.

The main issue was indeed Cloudflare had a proxy set for the panel. I turned that off (just the panel) and all is OK now

As always many thanks to all the team for your kind help and support.

Have a great day

HTA