Messages

106

DKIM / Re: My nameservers are missing TrustedHosts and KeyTable - Is this normal?

« on: December 29, 2021, 01:55:48 PM »

In my dkim manager I have 1 domain that has RED for trusted host.  The other 20 domains are GREEN.  Cert is ok.

Why is only 1 domain not trusted.

107

Installation / Re: securing the sub-domain of a CWP server

« on: December 22, 2021, 12:14:04 PM »

Hello

Am running fresh install of CWP on Centos 8 (DigitalOcean). New(er) linux user in general.

I'm having trouble getting https active on the sub-domain.

I have a regular CWP user setup that has the domain added, along with other subdomains. certs are working fine otherwise, but CWP won't let me add the subdomain in order to get the cert for cwp.xxxx.com

I tried a couple ways using command line and got nowhere. What am I missing? Happy to provide any outputs necessary.

Thanks!

Your first mistake is choosing centos 8.  It will no longer be supported after next week.

108

Dovecot / Mail sent but dovecot error

« on: December 20, 2021, 10:46:56 PM »

Mail log shows mail delivered with errors.

Error: net_connect_unix(/run/dovecot/stats-writer) failed

109

Backup / No sql backup

« on: December 20, 2021, 12:28:47 PM »

I have ONLY mysql backup enabled.  And there is no backup.  I dont need regular backups.  It seems that mysql backup only happens with regular backup.  Am I correct?

110

PHP / Re: PHP-FPM sodium module should have argon2 support.

« on: December 19, 2021, 01:32:58 AM »

I had a sodium error last week.  I think it appeared when I was trying to switch to php 7.4.24 from 5.6

111

PHP Selector / Re: Once Composer is installed how do I setup for PHP to send mail via SSL/TLS?

« on: December 18, 2021, 12:08:03 PM »

I am curious also.   Thunderbird keeps making me agree to accept self signed certs for all of my email accounts.

112

PHP Selector / Re: Unable to update PHP 5.6.37 to 7.4

« on: December 18, 2021, 12:06:34 PM »

Try 7.3 instead.  I had the same problem.

113

CentOS-WebPanel GUI / Re: *Security token failed* message at login

« on: December 17, 2021, 11:38:26 AM »

yes, I have server configured to login with security keys not root.   I dont think using root to access GUI is a good idea.

114

CentOS-WebPanel GUI / *Security token failed* message at login

« on: December 16, 2021, 11:31:45 PM »

How do I get rid of the error message on the login screen for admin user.

115

E-Mail / New problem stream tls 1.3

« on: December 14, 2021, 11:14:15 AM »

Code: [Select]

Dec 14 10:46:01 server postfix/smtpd[33721]: Anonymous TLS connection established from li1437-182.members.linode.com[45.33.110.182] to mail.madeinsouthafrica.com: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
Dec 14 10:46:02 server cbpolicyd[25034]: module=Quotas, mode=create, host=45.33.110.182, helo=[172.27.232.118], from=s_imhof@madeinsouthafrica.com, to=2019@lakeservers.com, reason=quota_create, policy=7, quota=4, limit=5, track=Sender:@madeinsouthafrica.com, counter=MessageCount, quota=1.00/200 (0.5%)
Dec 14 10:46:02 server postfix/smtpd[33721]: 6E60226058A: client=li1437-182.members.linode.com[45.33.110.182], sasl_method=PLAIN, sasl_username=s_imhof@madeinsouthafrica.com
Dec 14 10:46:02 server postfix/cleanup[33729]: 6E60226058A: message-id=
Dec 14 10:46:02 server opendkim[1627]: 6E60226058A: DKIM-Signature field added (s=default, d=madeinsouthafrica.com)
Dec 14 10:46:02 server postfix/qmgr[1258]: 6E60226058A: from=, size=916, nrcpt=1 (queue active)
Dec 14 10:46:02 server postfix/lmtp[33730]: 6E60226058A: to=, relay=server.companiondriver.com[private/dovecot-lmtp], delay=0.61, delays=0.56/0.02/0.02/0.01, dsn=2.0.0, status=sent (250 2.0.0 3ZaCL+p1uGHDgwAAw7guAw Saved)
Dec 14 10:46:02 server postfix/qmgr[1258]: 6E60226058A: removed
My new stream server is having many problems related to mail delivery.  Above is the error message I am getting when trying to send email from thunderbird client.

116

E-Mail / Re: smtpauth not working for me.

« on: December 14, 2021, 11:07:20 AM »

Your server is responding with domain "www.grannydriver.com", not "mail.grannydriver.com":

Code: [Select]

# openssl s_client -crlf -servername mail.grannydriver.com -connect mail.grannydriver.com:465
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = www.grannydriver.com
verify return:1
---
Certificate chain
 0 s:/CN=www.grannydriver.com
   i:/C=US/O=Let's Encrypt/CN=R3
 1 s:/C=US/O=Let's Encrypt/CN=R3
   i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
 2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAy1c+T30Hq0QxG1AgMrf/eb2MA0GCSqGSIb3DQEBCwUA
MDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQD
EwJSMzAeFw0yMTEyMDYxMzI2NDVaFw0yMjAzMDYxMzI2NDRaMB8xHTAbBgNVBAMT
FHd3dy5ncmFubnlkcml2ZXIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA5LJVpmxdDxioBXUQs3CHZEHvrHK1iHgyZ3NDj2XMdNBkae1TroZgEiJH
nb4wo2XRfCYlZu4iLCmd86sjnwO8xjI4VLQylvoKAYBllWgXUy9sc7nRYNo5pWiP
fKshcAjyeHtIkfX9KFYnpBQqqGdgk+QPnZG89OPAZdhmasl0airdvZ3BR1KFpEDH
9oEzOIN9lZxCuOTxAdUzbhDzI9svMwi6/NVHKEeNS/+5pO05tvCRZ7D41miDx62g
Fu5ayg+i3JtrucpLIMp6Vxd3koh6sN9Roq3QoZuCUU07Bs9UE7aYFpUcxeRclcu1
B/ZATL6D4UK3YrkxaAS+BAmVXOt1BQIDAQABo4ICdjCCAnIwDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAA
MB0GA1UdDgQWBBS1wiCY1ZdYvJu2oG9RJPJVtEP0CjAfBgNVHSMEGDAWgBQULrMX
t1hWy65QCUDmH6+dixTCxjBVBggrBgEFBQcBAQRJMEcwIQYIKwYBBQUHMAGGFWh0
dHA6Ly9yMy5vLmxlbmNyLm9yZzAiBggrBgEFBQcwAoYWaHR0cDovL3IzLmkubGVu
Y3Iub3JnLzBIBgNVHREEQTA/ghBncmFubnlkcml2ZXIuY29tghVtYWlsLmdyYW5u
eWRyaXZlci5jb22CFHd3dy5ncmFubnlkcml2ZXIuY29tMEwGA1UdIARFMEMwCAYG
Z4EMAQIBMDcGCysGAQQBgt8TAQEBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcHMu
bGV0c2VuY3J5cHQub3JnMIIBAgYKKwYBBAHWeQIEAgSB8wSB8ADuAHUAQcjKsd8i
RkoQxqE6CUKHXk4xixsD6+tLx2jwkGKWBvYAAAF9kCPPlQAABAMARjBEAiBkbDdF
4bK2bsm5rbZR4gBM7R5piXWC3RC3FVMXhBsGzgIgaOgWnvdAOKUWgzZvSgt9gtE/
3WrpA8ujgFvx69acX8oAdQApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3H
hAAAAX2QI8+IAAAEAwBGMEQCIB+R6SC4K8ZnaLx2bfXgUR7cSF7tuSv/OlEGiO25
hXi1AiBZz/CWruKNuk1t1wzFRAFwimFwxMa15syTkLg2RKawQzANBgkqhkiG9w0B
AQsFAAOCAQEAgEtCO6DqfOVGCXueRtj3+6qfsL7xqPcsFn/yXDV1pronetiHpHMr
hzew5C81guGslzHtLaMHbh6DGGE4hkdYgfGn7NF9EQ4DHO1muuvoJGeFef8SJOln
DRq2CY+qlgPct0uhuJAwGP6tpssr6KGD3Lnkd2qFcOa7dDVmzTelLQeJ1wBIZwYo
HCJv+VhIEzBxNBuNf+UJjtGWbJGYhz/bcAUf4w+Kc1/1ED5na2w2jeTW6wnAAq/O
QSulyYBEtVakt4D0jGkATrFf0C3yFMuBQkm37PGxVPFiF59wh4gqjinRwM88zNub
u6A9Nlxi6yyqpGLVUUqO93bmmDb7yCRIpw==
-----END CERTIFICATE-----
subject=/CN=www.grannydriver.com
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4751 bytes and written 445 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 521A1C63857F51F18148ECE661E290716C20E600C947D8FDA9F4FAA12FEB89CD
    Session-ID-ctx:
    Master-Key: 8F4BA1D0A7D47069BB9A1E006D4C5BDE7A2EFEF24022042038EDFD49DF272B53A4676C66407D018E3C2D76D593E2ED21
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - b7 51 6e e1 c0 5b 8e 4a-92 3d 84 6d ec be f2 fb   .Qn..[.J.=.m....
    0010 - be 9f 39 4e 6c 15 70 93-a5 e3 59 32 cb f9 fa bc   ..9Nl.p...Y2....
    0020 - 51 d6 8c 21 88 64 da d8-1d bc f3 02 d9 6d f5 bc   Q..!.d.......m..
    0030 - 90 62 d0 a6 f9 03 52 c5-c3 b1 b5 30 37 68 e2 f3   .b....R....07h..
    0040 - 6d 39 97 f8 b2 51 ab 20-4e c0 99 2d b2 61 32 7b   m9...Q. N..-.a2{
    0050 - 0e a1 2a ad 66 8e 83 1b-08 5c d2 e3 99 69 0b 03   ..*.f....\...i..
    0060 - 66 fc d1 fb d0 a2 33 c9-47 27 d1 da 2f 4a a6 11   f.....3.G'../J..
    0070 - fa a0 59 4c 0e 5f 41 dd-80 cc f5 a8 c0 bc e3 74   ..YL._A........t
    0080 - 7a 31 44 96 94 4b b5 29-cf e4 0c 4b ad 58 af f7   z1D..K.)...K.X..
    0090 - a3 68 4d 2a 40 2a d4 d2-57 99 38 e0 8c d1 c1 d7   .hM*@*..W.8.....
    00a0 - 72 28 20 67 8c ca ff 68-68 ab 01 be 48 80 9c 44   r( g...hh...H..D
    00b0 - c1 b6 49 12 bb 99 9a 81-8e b5 85 de 9e 57 e2 b1   ..I..........W..

    Start Time: 1639091792
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
220 server.companiondriver.com ESMTP Postfix
quit
221 2.0.0 Bye
closed

This suggests that you need to configure a additional certificate, for "mail.grannydriver.com", in addition to other domains you use.

Regards,
Netino

I dont understand.   I have certs for all of my mail.domain.com websites, verified with ssllabs.com

117

FTP / Re: cannot connect to port 21 after upgrade to cwppro

« on: December 12, 2021, 03:23:58 PM »

I already put my ip on whitelisting, I connect from windows using winsccp and filezilla is the same result always connecting, I also try ftp from other centos is the same. I will try turn off modsec and report the result here later.

Also add it to you ignore list.

Be sure that modsec and firewall are both off when troubleshooting.

118

FTP / Re: cannot connect to port 21 after upgrade to cwppro

« on: December 10, 2021, 11:51:16 AM »

Try turning off modsec also.

119

Installation / Re: PHP Version Switcher v2 not changing version

« on: December 07, 2021, 01:34:20 PM »

I am having the same problem on Centos Stream 8, any solution available?

I couldnt install 7.4.26 but I was able to switch to 7.3

Try 7.3

120

Installation / Re: PHP Version Switcher v2 not changing version

« on: December 07, 2021, 12:45:20 PM »

Same problem for me centos stream.  Unable to change php.

error

Make libsodium.lo error 1