Messages

436

SSL / Re: Wlidcard SSL really how to?

« on: May 24, 2020, 08:29:05 PM »

dns_master_load: /var/named/acme.doslar.ru.db:13: extra input text
/var/named/acme.doslar.ru.db: file does not end with newline
zone acme.doslar.ru/IN: loading from master file /var/named/acme.doslar.ru.db failed: extra input text
zone acme.doslar.ru/IN: not loaded due to errors.

Open acme.doslar.ru.db

go to the last line and hit enter, then save

Check /root/.acme.sh/ folder.
int there you will find several files including .key .bundle and .crt
There is not .crt file, but there is .csr files(?!)

Probably because the zone was never loaded for the dns to succeed

[quote ]I guess I will make a script to do wildcard certificates to make things easier.[/quote]This is a great idea, will the script be compatible with CentOS7?
[/quote]

Of course it will be.  Just have to work on it

437

SSL / Re: Wlidcard SSL really how to?

« on: May 24, 2020, 07:34:07 PM »

Check /root/.acme.sh/ folder.


You should see a folder named (domain)
int there you will find several files including .key .bundle and .crt

You will need to copy those file to /etc/pki/tls
.key goes in /private folder
.bundle and .crt go it /certs folder

I guess I will make a script to do wildcard certificates to make things easier.

438

SSL / Re: Wlidcard SSL really how to?

« on: May 24, 2020, 12:06:15 PM »

go figure, and update screwed up the tutorial. I also forgot a step in part 2(My Bad)


Step 2 is now )
cd /etc/named
dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST acme
cat K*.private
(Copy the line after KEY:)
nano /etc/named.conf
add at the top under the comments

Code: [Select]

key "acme" {
          algorithm hmac-md5;
          secret "(KEY GOES HERE)";
};


/var/named/acme.schaffner.org.db
Code: [Select]
$ORIGIN .
$TTL 86400      ; 1 day
acme.schaffner.org      IN SOA  ns1.schaffner.org. rcschaff82.gmail.com. (
                                2020021035 ; serial
                                86400      ; refresh (1 day)
                                7200       ; retry (2 hours)
                                3600000    ; expire (5 weeks 6 days 16 hours)
                                86400      ; minimum (1 day)
                                )
$TTL 14400      ; 4 hours
                        NS      ns1.schaffner.org.  ;   THIS IS IMPORTANT.  DO NOT USE BOTH NAMESERVERS FOR LE
$ORIGIN acme.schaffner.org.
$TTL 60 ; 1 minute
Done, but it's displayed corrupted in DNS Functions > List DNS Zones >Edit Records

I don't care what CWP says.  What's the ouput of

Code: [Select]

named-checkzone acme.schaffner.org /var/named/acme.schaffner.org.db

Code: [Select]
NSUPDATE_SERVER=localhost NSUPDATE_KEY=/etc/named/acme.key ./.acme.sh/acme.sh --issue --test -d *.domain.com --challenge-alias acme.schaffner.org --dns dns_nsupdate --debug 2
Return: -bash: ./.acme.sh/acme.sh: No such file or directory

run /scripts/install_acme

439

CentOS-WebPanel Bugs / Re: **** Extremely Angry *** PHP Version switching or FPM building not working 7days

« on: May 24, 2020, 11:36:10 AM »

RAM is a factor.  I shut down apache while doing the upgrade and it worked for me.

Very Good point.  Could also shut down Mysql while upgrading.

Also adding swap memory to the server is beneficial.

440

Installation / Re: LXC php-fpm

« on: May 24, 2020, 11:33:25 AM »

1)  Does  /opt/alt/php-fpm56/ even exist.

If Yes: system start php-fpm56

if No:  Rebuild PHP 5.6 with fpm in CWP

441

CWP API / Re: integration with Wisecp (domain + webhosting)

« on: May 23, 2020, 08:26:59 PM »

CentOS cannot manage the domain names.  That's what WiseCP would do.  It looks like WiseCP uses the API to setup the accounts and do all of the maintenance automatically.  I'm sure they have a module for domain names in WiseCP itself.

442

DNS / Re: How to configure DNSSEC?

« on: May 23, 2020, 08:18:17 PM »

https://www.centlinux.com/2019/09/configure-dnssec-bind-dns-server-centos-7.html

443

CSF Firewall / Re: CSF block all country except 1

« on: May 23, 2020, 07:44:07 PM »

Cc_allow, or cc_allow_filter.  There is a difference.

444

SSL / Re: Wlidcard SSL really how to?

« on: May 23, 2020, 07:40:42 PM »

To get wildcard ssl from LetsEncrypt, you have to validate over DNS.  I posted a pretty good guide on here on how to do it, bit it's complicated to set up at first.

445

CentOS 7 Problems / Re: CWP updater errors

« on: May 23, 2020, 08:57:46 AM »

A forum search would have resulted in the following advice:
The workaround is as follows:

Code: [Select]

groupadd -g 23 nohidproc
usermod -a -G nohidproc polkitd
mount -o remount,rw,hidepid=2,gid=nohidproc /proc
systemctl restart polkit
###Add the following in /etc/fstab as well
echo "proc /proc proc defaults,hidepid=2,gid=nohidproc 0 0" >> /etc/fstab

###After mount the new mountpoint

mount -a
systemctl restart polkit

446

Scripts / Re: reboot if lamp is down

« on: May 23, 2020, 07:17:06 AM »

Please don't post twice on 2 different boards for the same issue.

https://www.itzgeek.com/how-tos/linux/centos-how-tos/monitor-and-manage-services-with-monit-on-centos-7-rhel-7.html

447

MySQL / Re: how to auto reboot server if mysql is down

« on: May 23, 2020, 07:15:37 AM »

https://www.itzgeek.com/how-tos/linux/centos-how-tos/monitor-and-manage-services-with-monit-on-centos-7-rhel-7.html

448

E-Mail / Re: through the domain

« on: May 22, 2020, 03:53:18 PM »

does your script use php_mail() or SMTP.  I'm not sure you can change the name of the server it sends though.  All domains are hosted on a "mail Server", yours being panel. .

449

E-Mail / Re: through the domain

« on: May 22, 2020, 03:16:23 PM »

Please expand.

You mean your server is server.example.com
Your Ecomerce is example.net

So you want your email to send through server.example.com?

450

SSL / Re: Secure your Webmail with Letsencrypt SSL Certificate , 100% Working

« on: May 22, 2020, 03:12:43 PM »

This is built in now.  In cwp, search ssl on the left.  Find your domain.  Check all 4 boxes (mail, cpanel, webmail, ftp).  Request the cert