Installed web server as decribes in the ISPConfig3 Manual on debian jessie. pure-ftpd-mysql status says web pure-ftpd[11854]: (?@?) [ERROR] Sorry, but that file doesn't exist: [/etc/ssl/private/pure-ftpd.pem] /etc/ssl/private/pure-ftpd.pem exist and looks good, see root@web:/etc/init.d# ll /etc/ssl/private/ total 16 drwx--x--- 2 root ssl-cert 4096 May 24 15:12 . drwxr-xr-x 4 root root 4096 May 24 14:18 .. -rw------- 1 root root 1704 May 26 08:52 pure-ftpd.pem -rw-r----- 1 root ssl-cert 1708 May 24 14:54 ssl-cert-snakeoil.key Found some threads about that, but no real solution. It's my first web server in multiserver enviorement on debian, before useing debian I had open SUSE 13.x, actuell the web/ftp server in may other multiserver enviorement on SUSE 13.2 runs fine. Thanks for hints Rainer
Never had this error yet, my guess is that pure-ftpd reports a broken ssl cert as non existing. Try to create a new ssl cert for pure-ftpd.
I generated a new certificate useing description on page 24 of ISPConfig manual, same error. Replacing the cerificate with a official startsll, accepted by apache, same problem. Additional questions, where ist the path and fllename /etc/ssl/private/pure-ftpd.pem defined, can't find any .conf. Where should be the correspondig .crt and chain file like on apache. As I remember on SUSE I needed this. FTP on my SUSE ISPConfig WEB Servers worked fine. All the configuration of the pure-ftpd-mysql seam quite suspect to me. Did some research on Google, could not find solution. Thanks for more help Rainer
A .pem file as used by e.g. dovecot and pue-ftpd contains the key, the crt and all intermediate certs. The ssl path is the default of pure-ftpd, it does not need to be configured.
Btw, thats how the permissions look like on a working server: ls -la /etc/ssl/private/ total 16 drwx--x--- 2 root ssl-cert 4096 Apr 19 12:38 . drwxr-xr-x 4 root root 4096 Apr 19 12:27 .. -rw------- 1 root root 3054 Apr 19 12:38 pure-ftpd.pem -rw-r----- 1 root ssl-cert 1704 Feb 19 07:19 ssl-cert-snakeoil.key
Ok but if I follow page 24 in the ISPConfig manual the pure-ftpd.pem is shorter than yours, see my above ls -la /etc/ssl/private and it contains as normaly expected only the private key generated by openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem There ist a certificate dumped to console at the end, but not noted what do do with it in the mananual nor other whowtos. So as /etc/ssl/private/pure-ftpd.pem ist only the private key, I understand pure-ftpd has a problem, but who to get the correct .pem file By the way dovecot.conf knows a .key and a .cert file /etc/dovecot/dovecot.conf mail server install about 2 weeks ago with debian jessie in multiserver envioremen, working without any problems .... mail_privileged_group = vmail ssl_cert = </etc/postfix/smtpd.cert ssl_key = </etc/postfix/smtpd.key ssl_protocols = !SSLv2 !SSLv3 passdb { args = /etc/dovecot/dovecot-sql.conf driver = sql } .... Rainer
The tutorial instructs you to run this command: Code: openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem and this command adds the key and the cert into the same file, just tested it again. So you must have made a mistake while executing the command when it misses in your .pem file. Regarding dovecot: the key is separate but the cert.pem file contains the intermediate files like pure-ftpd. From dovecot manual: