Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
FTP / FTP on CWP stucks at 'Retrieving directory listing…'
« on: September 17, 2018, 06:06:26 AM »
I have setup CWP on CentOS 7 in Digital Ocean droplet. I have created some FTP accounts (On default PureFTP server) and trying to access FTP through FileZilla on windows. FTP server is configured with passive ports range from 30000 to 35000 (Initially it was 30000 to 50000). I have allowed same ports in IN and OUT TCP ports of CSF rules.
Normally, FTP connection works fine and there is no problem of using it.
Sometimes, while navigating through directories in server side, filezilla stucks at 'Retrieving directory listing...' for long time. Once the idle timeout of FTP server reached, it disconnects with message as server closed connection. This happens suddenly sometimes when I am working on FTP. If I disconnect all active sessions in server using FTP Manager in CWP, occasionally it works.
I have done some troubleshooting as below.
Changed the connection from Passive to Active mode in FileZilla -It does not connect.
Already disabled TLS encryption and using plain user name and password
Tried in WinSCP. It worked for a while, but later it too had same problem.
Tried disabling the firewall - Did not work even if reconnected
When firewall was enabled, in FTP server log I found that it was blocking my login after successful login. But, I don't know the reason and also it did not work after disabling firewall
Today I have found a message in log saying that cleartext is not supported on this server, please reconnect using TLS. Does this mean only connections with TLS are supported? But it is working even if connected without TLS sometimes. Also, I had disabled the TLS in FTP server configuration at the time of problem and it was not worked.
What could be the problem? I don't want to use SSH for file transfer as this FTP is being used by my clients. So, they should be able to connect to the server and upload files to specific directory. Also, I should disable the password based authentication for SSH if SSH is used for file transfer. The reason why I did not check other FTP servers is I would like to manage all things from the CWP portal only (Otherwise I have to manage main hosting things in portal and FTP things in command etc.)
Please help me to resolve the problem.
Normally, FTP connection works fine and there is no problem of using it.
Sometimes, while navigating through directories in server side, filezilla stucks at 'Retrieving directory listing...' for long time. Once the idle timeout of FTP server reached, it disconnects with message as server closed connection. This happens suddenly sometimes when I am working on FTP. If I disconnect all active sessions in server using FTP Manager in CWP, occasionally it works.
I have done some troubleshooting as below.
Changed the connection from Passive to Active mode in FileZilla -It does not connect.
Already disabled TLS encryption and using plain user name and password
Tried in WinSCP. It worked for a while, but later it too had same problem.
Tried disabling the firewall - Did not work even if reconnected
When firewall was enabled, in FTP server log I found that it was blocking my login after successful login. But, I don't know the reason and also it did not work after disabling firewall
Today I have found a message in log saying that cleartext is not supported on this server, please reconnect using TLS. Does this mean only connections with TLS are supported? But it is working even if connected without TLS sometimes. Also, I had disabled the TLS in FTP server configuration at the time of problem and it was not worked.
What could be the problem? I don't want to use SSH for file transfer as this FTP is being used by my clients. So, they should be able to connect to the server and upload files to specific directory. Also, I should disable the password based authentication for SSH if SSH is used for file transfer. The reason why I did not check other FTP servers is I would like to manage all things from the CWP portal only (Otherwise I have to manage main hosting things in portal and FTP things in command etc.)
Please help me to resolve the problem.
2
E-Mail / Re: TLS encryption for each domains hosted with CWP
« on: May 11, 2018, 10:35:03 AM »
Yes.
When I try to access, Gmail app is saying that connection is not secure & not allowing to add the mail account for sync. But, it is showing proper hostname as domain.com with Let's Encrypt certificate for the incoming mail server. If I continue with Proceed Anyway, later Gmail app will be force closed automatically while switching to that mail account.
I have the MX record to point to the same domain (@) and PTR records are also proper. I do not get any error while accessing the roundcube webmail or in the admin panel of CWP. Also, I was able to access the email with MS Outlook on my windows 10 PC properly without any error.
I have also checked the SSL details in SSL shopper and also in Check TLS. SSL Shopper is not showing any error. But, Check TLS site is showing the error as 'Certificate 1 of 1 in chain: Cert VALIDATION ERROR(S): unable to get local issuer certificate; unable to verify the first certificate
This may help: What Is An Intermediate Certificate
So email is encrypted but the recipient domain is not verified'. I have tried many things like renaming the hostname, using different MX record with different hostname etc. But, problem is not solved.
I want to host two domains in the same server with single IP address with different mail accounts for each domains with TLS/SSL encryption. I will be using the Let's Encrypt SSL for all the domains. I would like to give an option to use any email client for the email accounts for easy access.
When I try to access, Gmail app is saying that connection is not secure & not allowing to add the mail account for sync. But, it is showing proper hostname as domain.com with Let's Encrypt certificate for the incoming mail server. If I continue with Proceed Anyway, later Gmail app will be force closed automatically while switching to that mail account.
I have the MX record to point to the same domain (@) and PTR records are also proper. I do not get any error while accessing the roundcube webmail or in the admin panel of CWP. Also, I was able to access the email with MS Outlook on my windows 10 PC properly without any error.
I have also checked the SSL details in SSL shopper and also in Check TLS. SSL Shopper is not showing any error. But, Check TLS site is showing the error as 'Certificate 1 of 1 in chain: Cert VALIDATION ERROR(S): unable to get local issuer certificate; unable to verify the first certificate
This may help: What Is An Intermediate Certificate
So email is encrypted but the recipient domain is not verified'. I have tried many things like renaming the hostname, using different MX record with different hostname etc. But, problem is not solved.
I want to host two domains in the same server with single IP address with different mail accounts for each domains with TLS/SSL encryption. I will be using the Let's Encrypt SSL for all the domains. I would like to give an option to use any email client for the email accounts for easy access.
3
E-Mail / Re: TLS encryption for each domains hosted with CWP
« on: May 11, 2018, 02:44:41 AM »
I have tried. But Gmail app is still saying that connection is not secure and it won't proceed to connect incoming mail server. It is showing proper SSL hostname (hosting.domain.com). I gad setup Letsencrypt SSL for all the domaima in the server uaing Auto SSL.
4
E-Mail / TLS encryption for each domains hosted with CWP
« on: May 10, 2018, 06:20:32 AM »
I want to setup IMAP/POP3 access for incoming mail server on my CWP. For accessing the incoming mail server, I will need either POP3 or IMAP access with TLS encryption which is mandatory for most of the email clients.
My main host name is hosting.domain.com and that has the default host certificate.
I have created the domain example.com and created email account for the same as user@example.com. Here, example.com has its own SSL certificate.
When I add the same in mail client (Gmail on Android), I have entered incoming mail server as example.com and selected all the available options for security (like SSL/TLS, SSL/TLS (Accept all certificates), STARTTLS, STARTTLS (Accept all certificates)). But, the server is rendering only the main host name certificate (hosting.domain.com) instead of the mail address's domain certificate.
What can I do to host multiple domains with email accounts secured by TLS for each domains? What is the workaround?
(Note: Previously, I had Vesta-CP and I had replaced the main domain certificate with required main domain certificate and used the same as incoming & outgoing mail server for all the domains. But, it is not the proper way to do so. I can configure the windows mail clients like MS Outlook. But, in android device, I am getting the above said issues).
My main host name is hosting.domain.com and that has the default host certificate.
I have created the domain example.com and created email account for the same as user@example.com. Here, example.com has its own SSL certificate.
When I add the same in mail client (Gmail on Android), I have entered incoming mail server as example.com and selected all the available options for security (like SSL/TLS, SSL/TLS (Accept all certificates), STARTTLS, STARTTLS (Accept all certificates)). But, the server is rendering only the main host name certificate (hosting.domain.com) instead of the mail address's domain certificate.
What can I do to host multiple domains with email accounts secured by TLS for each domains? What is the workaround?
(Note: Previously, I had Vesta-CP and I had replaced the main domain certificate with required main domain certificate and used the same as incoming & outgoing mail server for all the domains. But, it is not the proper way to do so. I can configure the windows mail clients like MS Outlook. But, in android device, I am getting the above said issues).
Pages: [1]
