Hi guys, I have followed the ISPConfig Perfect Server setup for Ubuntu 22.04 ISPConfig 3.2.12: https://www.howtoforge.com/ispconfig-autoinstall-debian-ubuntu/ Installs with no problem but when I try to access the ISPConfig UI using https://servername.com:8080, it opens with http instead. I was under the impression the script now created SSL certificates for ISPConfig, Postfix, etc automatically. Do I need to specify some other option when installing for this ti happen? I tried creating a website for the servername.com domain with LetsEncrypt selected but that did not solve the issue. Thanks
It does, unless LE refuses to issue a cert, which must have happened here. No. Please undo that, it makes things worse and will cause SSL issuing to fail for the UI. To create a sl cert for the ISPConfig UI if it failed during install (this happens when LE was unable to reach your hostname at install time), then just run: ispconfig_update.sh --force and choose to reconfigure services during update and then let the updater create a new SSL cert. Take care that the server hostname exists find DNS before doing the update and also take care that thy system can be reached on port 80 from the internet, as that#s what LE is doing to verify the hostname before issuing the cert.
There is no benefit in reinstalling it, it just takes longer. Just run the command to update ISPConfig that I mentioned and chose to reconfigure ispconfig and recreate SSL when it asks for that.
Hi Tilll, I ran ispconfig_update.sh --force I still can not access with ssl (https://) Here is relevant output: ... ISPConfig Port [8080]: Create new ISPConfig SSL certificate (yes,no) [no]: yes Checking / creating certificate for srv1.onpointswr.com Using certificate path /root/.acme.sh/srv1.onpointswr.com sh: 1: cannot open /dev/tcp/127.0.0.1/80: No such file Using apache for certificate validation acme.sh is installed, overriding certificate path to use /root/.acme.sh/srv1.onpointswr.com Symlink ISPConfig SSL certs to Postfix? (y,n) [y]: y Symlink ISPConfig SSL certs to Pure-FTPd? Creating dhparam file may take some time. (y,n) [y]: ... Here is UFW Status To Action From -- ------ ---- 21/tcp ALLOW Anywhere 22/tcp ALLOW Anywhere 25/tcp ALLOW Anywhere 53/tcp ALLOW Anywhere 80/tcp ALLOW Anywhere 110/tcp ALLOW Anywhere 143/tcp ALLOW Anywhere 443/tcp ALLOW Anywhere 465/tcp ALLOW Anywhere 587/tcp ALLOW Anywhere 993/tcp ALLOW Anywhere 995/tcp ALLOW Anywhere 3306/tcp ALLOW Anywhere 4190/tcp ALLOW Anywhere 8080/tcp ALLOW Anywhere 8081/tcp ALLOW Anywhere 9003/tcp ALLOW Anywhere 40110:40210/tcp ALLOW Anywhere 53/udp ALLOW Anywhere 21/tcp (v6) ALLOW Anywhere (v6) 22/tcp (v6) ALLOW Anywhere (v6) 25/tcp (v6) ALLOW Anywhere (v6) 53/tcp (v6) ALLOW Anywhere (v6) 80/tcp (v6) ALLOW Anywhere (v6) 110/tcp (v6) ALLOW Anywhere (v6) 143/tcp (v6) ALLOW Anywhere (v6) 443/tcp (v6) ALLOW Anywhere (v6) 465/tcp (v6) ALLOW Anywhere (v6) 587/tcp (v6) ALLOW Anywhere (v6) 993/tcp (v6) ALLOW Anywhere (v6) 995/tcp (v6) ALLOW Anywhere (v6) 3306/tcp (v6) ALLOW Anywhere (v6) 4190/tcp (v6) ALLOW Anywhere (v6) 8080/tcp (v6) ALLOW Anywhere (v6) 8081/tcp (v6) ALLOW Anywhere (v6) 9003/tcp (v6) ALLOW Anywhere (v6) 40110:40210/tcp (v6) ALLOW Anywhere (v6) 53/udp (v6) ALLOW Anywhere (v6) And ping srv1.onpointswr.com root@srv1:~# ping srv1.onpointswr.com PING srv1.onpointswr.com (127.0.1.1) 56(84) bytes of data. 64 bytes from srv1.onpointswr.com (127.0.1.1): icmp_seq=1 ttl=64 time=0.029 ms 64 bytes from srv1.onpointswr.com (127.0.1.1): icmp_seq=2 ttl=64 time=0.056 ms Any more suggestions? Is this normal? sh: 1: cannot open /dev/tcp/127.0.0.1/80: No such file Thanks again
No, that's not normal. Seems as if you got a SSL cert, but somehow it's not recognized. I have not seen this error message on any of my systems, but I know we had this in another support thread quite some time ago. What kind of server is this? If its a virtual server, which virtualization do you use? please run the command: sudo ls -la /root/.acme.sh/srv1.onpointswr.com and post the result. Then please run: sudo dpkg-reconfigure dash and choose no in the dialog that shows up. Then try the ispconfig_update.sh --force again, do you get https access now?
Hi Till, This morning everything worked, did nothing since yesterday Anyways here is the output from the command sudo ls -la /root/.acme.sh/srv1.onpointswr.com total 44 drwxr-xr-x 3 root root 4096 Aug 9 19:34 . drwx------ 7 root root 4096 Aug 9 19:19 .. drwxr-xr-x 2 root root 4096 Aug 9 19:34 backup -rw-r--r-- 1 root root 3751 Aug 9 19:34 ca.cer -rw-r--r-- 1 root root 5873 Aug 9 19:34 fullchain.cer -rw-r--r-- 1 root root 2122 Aug 9 19:34 srv1.onpointswr.com.cer -rw-r--r-- 1 root root 911 Aug 9 19:40 srv1.onpointswr.com.conf -rw-r--r-- 1 root root 1708 Aug 9 19:34 srv1.onpointswr.com.csr -rw-r--r-- 1 root root 192 Aug 9 19:34 srv1.onpointswr.com.csr.conf -rw------- 1 root root 3243 Aug 9 19:19 srv1.onpointswr.com.key I did not ran the other commands as it is working now. Thank you so much for your help, you are amazing!
Forgot to give you the server details: Hosted in VULTR.COM Shared Server: 2 vCPUs RAM: 4096.00 MB Storage: 100 GB NVMe OS: Ubuntu 22.04 x64 Let me know if you want me to run any command that provides info that may be helpful. Regards
If it works now, then everything should be ok. Server is fine as well, I just asked because some lxc containers sometimes cause strange issues when you run ISPConfig inside such a container.
Hello, i have same error after update with ispconfig_update.sh --force sh: 1: cannot open /dev/tcp/127.0.0.1/80: No such file I read on the forum about a solution to the problem with: dpkg-reconfigure dash this did not solve the problem. I using Debian 12 and "dpkg-reconfigure" dash no longer works
Actually @till just said that to check but not to proceed as by default we use bash in our setup and not dash, so just share the output here. Autoinstaller should correctly define that already, so don't change it. Please share the above result.
On Debian 12, sh can no longer be changed from dash to bash, it will stay at dash even if you change it. But this should not cause issues in the current ISPConfig versions on Debian 12. Do you have any actual problem or just this warning? And the reason for this in the original post might well have been the use of a limited container environment like LXC instead of using a VM.
root@server1:~# sudo ls -la /root/.acme.sh/server1.raidbo.com total 44 drwxr-xr-x 3 root root 4096 Sep 2 14:50 . drwx------ 10 root root 4096 Sep 20 13:21 .. drwxr-xr-x 2 root root 4096 Sep 2 14:50 backup -rw-r--r-- 1 root root 3751 Sep 2 14:50 ca.cer -rw-r--r-- 1 root root 5869 Sep 2 14:50 fullchain.cer -rw-r--r-- 1 root root 2118 Sep 2 14:50 server1.raidbo.com.cer -rw-r--r-- 1 root root 910 Sep 21 15:38 server1.raidbo.com.conf -rw-r--r-- 1 root root 1704 Sep 2 14:50 server1.raidbo.com.csr -rw-r--r-- 1 root root 191 Sep 2 14:50 server1.raidbo.com.csr.conf -rw------- 1 root root 3243 Sep 2 14:50 server1.raidbo.com.key For now only this warning.
Roger that though I thought one can simply run ln -sf /bin/bash to /bin/sh or something to fix the shortcoming, if needed. I might have to check my scripts whether they still gonna work in the latest environment.
manually changing the symlink will probably work, but who knows if it get changed back on Debian update later, using dpkg to change it does not work anymore.
Some say symlink bash to /usr/local/bin/sh instead may work better i.e. without overwriting / removing /bin/sh original link to dash. link. Source: https://groups.google.com/g/linux.debian.user/c/2CyfM5UrSOI?pli=1 I haven't tried it though.
I fear this won't help as the base issue is that PHP uses /bin/sh to execute commands when using e.g. exec() or open. PHP does not obey $PATH and even if you use /bin/bash to start that php script, it will use /bin/sh in the end internally to execute commands. But maybe we should go back to the original problem, that dash is causing this was one of my original assumptions, but it might well be that the real issue is just using LXC in a mode that prevents access to /dev/tcp/127.0.0.1/80, especially as I do not see such a message on any of my own systems which use full virtualizations like KVM or VMWare.