Messages

1

SSL / Re: SSL certicate on add on domain error

« on: March 15, 2017, 04:38:00 AM »

OK - UPDATE - AND A WORKING FIX FOR THOSE THAT NEED IT

Finally found a fix - bearing in mind that in this case each account has separate IP address, this was ssl-conf as generated by CWP panel before fix:

<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
Listen 443
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS

NameVirtualHost x.x.x.111:443
NameVirtualHost x.x.x.110:443
NameVirtualHost x.x.x.112:443

adding this line to end manually fixed the problem (SNI related I think)

NameVirtualHost *:443

also in vhosts-ssl.conf for each entry relating to ssl enabled addon domain or subdomain change ip address from x.x.x.x:443 to *:443

correct cert then loading for domains, this works for add-on and subdomains

dont forget to restart apache

Hope this solves the issue for anyone else who experiences hours of grief trying to figure it out ! 

2

SSL / Re: SSL certicate on add on domain error

« on: March 15, 2017, 12:57:32 AM »

check the cert and private key should match or reissue the certs vy generating new CSR

Yes cert & key match and I have tried regen several times and for more than one domain as well. besides they were generated by built in SSL generator - self signed so no csr required other than what is generated automatically.  This works fine on primary domain names but fails on add on domains and also now I discover on subdomains as well i.e generate cert for  sub.example.com and add cert to that subdomain the same problem occurs. I have tried every possible (I can think off) combination and nothing works or apache fails to restart if mismatch between cert and domain name where I tried adding cert for add on  or subdomain to main domain to see if that might be a workaround.

I really am now convinced this is a bug - unless there is something I am totally missing here. Are U not able to test this yourselves ?

I also generated cert for primary domain and added, worked 100% on that domain, now I should be able to access subdomains and add on domains using https on the same account, of course browser will complain about security and ask if I want to add exception - however that is not happening I am getting "An error occurred during a connection to secure.example.net. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG," this is with self signed and a legit CA auth signed cert as well that works as described below on cPanel - TESTED!!. 

To confirm that what I say is correct try https://centos-webpanel.com/ will do just as I say, message "Your connection is not secure The owner of centos-webpanel.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website." - click on advanced - add exception - view certificate status gives  "Common Name (CN) support.centos-webpanel.com issued by cPanel etc etc" this is what should be happening with this panel.

3

SSL / Re: SSL certicate on add on domain error

« on: March 14, 2017, 06:18:57 AM »

Update - I deleted add on domain and created separate account on own ip address added the subject domain as primary for new account then added same ssl cert and it worked fine no errors (other than self signed error in browser), so as all parameters are the same, I suspect that there is a bug in panel when adding cert to add on domain, some field not needed on primary domain is not being added or updated to use with add on domain... this is speculation, I am no apache guru, so I am not sure what to check. FYI: running centos7 with cwp7 - so apache 2.4.

Also I have added self signed ssl certs to addon domains in cpanel before now without issue and have not struck this problem there....

4

SSL / SSL certicate on add on domain error

« on: March 14, 2017, 03:35:12 AM »

On a user account primary domain example.com with it's own ip address for account (working 100% fine) with add-on domain add-on-domain.com, generated self signed ssl cert (with built in generator and with XCA in case there was a problem with cert) for add-on-domain.com.  The cert installed OK, but while it would operate fine on port 443 for example.com (after authorising in browser of course) and on https://ip-address, when attempting to access https://add-on-domain.com it throws this error on browser :

An error occurred during a connection to add-on-domain.com SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG

I would suspect a problem with setup but for the fact main url works ok.

port 80 http works as expected - no problems

I have checked entry in vhosts-ssl.conf looks fine

got me beat, can anyone suggest what might be going on here please ?

5

CentOS-WebPanel Bugs / Re: Problem with PHP version switcher in latest

« on: February 27, 2017, 12:54:40 PM »

manually compile php through ssh/terminal

mkdir -p /usr/local/php-7-0-16
cd /usr/local/php-7-0-16
wget http://in1.php.net/distributions/php-7.0.16.tar.gz
tar zxvf php-7.0.16.tar.gz
cd php-7.0.16

Code: [Select]

./configure --with-config-file-path=/usr/local/php --with-config-file-scan-dir=/usr/local/php/php.d --enable-fpm --enable-mbstring --enable-zip --enable-bcmath --enable-pcntl --enable-ftp --enable-exif --enable-calendar --enable-sysvmsg --enable-sysvsem --enable-sysvshm --enable-wddx --with-curl --with-mcrypt --with-iconv --with-gmp --with-pspell --with-gd --with-jpeg-dir=/usr --with-png-dir=/usr --with-zlib-dir=/usr --with-xpm-dir=/usr --with-freetype-dir=/usr --enable-gd-native-ttf --enable-gd-jis-conv --with-openssl --with-pdo-mysql=/usr --with-gettext=/usr --with-zlib=/usr --with-bz2=/usr --with-recode=/usr --with-mysqli --enable-soap --enable-intl --enable-phar --with-xsl --with-xmlrpc --with-kerberos --enable-posix --enable-sockets --with-pcre-regex --enable-calendar --with-libdir=lib64 --with-mysql-sock=/var/lib/mysql/mysql.sock --enable-shmop

Thankyou - that fixed the problem - I used php-7.1.2

For the benefit of others, perhaps we should also add that after doing the above, then also run commands:

make
make install

Also for convenience I added all of the above to a bash script so I can easily repeat if needed.

6

Information / Re: multiple NAT IPs

« on: February 26, 2017, 11:36:48 PM »

For adding local (LAN) IPs for centos 6 or lower see http://wiki.centos-webpanel.com/add-additional-ip-address

-- this tutorial is for public ip not for the nat private ip.

Sorry, please accept apologies - last thing I want to do is mislead anyone

7

CentOS-WebPanel Bugs / Re: Script reset mysql password fails cwp on centos 7

« on: February 26, 2017, 10:46:42 PM »

try this script :
https://drop.me/opgOYB

Sorry still fails with updated script, on console when run - after line "resetting password" this error : ERROR 2002 (HY000) Cant connect to local MySQL server through socket ' /var/lib/mysql/mysql.sock' (2 "No such file or directory)

and after line "Cleaning up ..."  ERROR! MySQL is running but PID file could not be found.

Im on centos 7 64 bit

NB when I run my modified version of original script to put original password back ( just hard coded password where it was generated randomly thats all ) it give same errors but login then works again - it is very weird !

I checked mysql.sock does exist in that folder.  also on original got "stopping/starting mysqld (via systemctl) OK" so I dont think command to stop and start mysql is where the problem lies..., as I see thats what has been altered in script.

8

CentOS-WebPanel Bugs / Re: Problem with PHP version switcher in latest

« on: February 26, 2017, 10:32:37 PM »

what OS you're using ?

Centos 7 (core) x86-64 kernel 3.10.0-514 (ran yum update yesterday)

CWP for centos 7 ver 0.9.8.263 (ran cwp_update yesterday)

9

CentOS-WebPanel Bugs / Re: Script reset mysql password fails cwp on centos 7

« on: February 26, 2017, 01:21:55 PM »

Problem still exists - fully updated to Ver: 0.9.8.263 

Lest there be any confusion that command is:  cd /scripts/ ; sh mysql_pwd_reset

10

CentOS-WebPanel Bugs / Problem with PHP version switcher in latest

« on: February 26, 2017, 01:01:35 PM »

1. Bug - soap does not enable when selected, an examination of the generated php-config file shows --enable-soaps instead of --enable-soap, so would appear to be a typo in the generating script.

2. with new format of selection by checkbox, there does not appear to be a way of adding more options that are not on list, for instance I could not find a way to enable "shmop" ie --enable-shmop

Is there a work around for these two issues please ?

11

Information / Re: multiple NAT IPs

« on: February 26, 2017, 03:11:31 AM »

Hi I apologise if I misunderstand what U are after and want to do, but this I hope this may help:

For adding local (LAN) IPs for centos 6 or lower see http://wiki.centos-webpanel.com/add-additional-ip-address

for centos 7 see http://forum.centos-webpanel.com/informations/add-additional-ip-addresses-to-cwp-7/msg10162/#msg10162

that will give U local IP range, primary ip for server set in panel as NAT and others allocated to user accounts

To see those local additional IP addresses on your public IP range U need 1-1 Nat on your router for each IP, I use a draytec vigor 2860 but cisco and some others also support this (ie multi 1-1 nat). All U need to do then is ensure that DNS records are set to public IPs that match up to locals.

Hope this helps

12

Information / Add additional IP addresses to CWP 7

« on: February 20, 2017, 05:07:43 AM »

For CWP 7 adding additional IP addresses using method in WIKI will give you a headache!

Try this, it worked for me.

Depending on the amount of IPs you’re configuring, it may be easier to just add them manually. Adding a small number of IPs can be completed by adding them to your main network interface configuration file. Let’s cover the permanent method by updating our network interface configuration using the following command (replacing enp3s0 if different with your interface name):

[root@localhost ]# vi /etc/sysconfig/network-scripts/ifcfg-enp3s0

Assuming that you already have at least one IP address configured (eg: 192.168.1.2) from for example your 192.168.1.0/29 range as IPADDR=, you can append the following lines to your configuration file to enable additional usable IP addresses from your /29 CIDR:

IPADDR0=192.168.1.3
IPADDR1=192.168.1.4
IPADDR2=192.168.1.5
IPADDR3=192.168.1.6
PREFIX0=29
PREFIX1=29
PREFIX2=29
PREFIX3=29

Restart the network for the changes to take effect:

[root@localhost]# systemctl restart network

Lastly, check that they’re working as expected:

[root@localhost ]# ping -c 4 192.168.1.3

[root@localhost ]# ping -c 4 192.168.1.4

[root@localhost ]# ping -c 4 192.168.1.5

[root@localhost ]# ping -c 4 192.168.1.6

Make sure to substitute the relevant CIDR for your requirements ie 24 for 253 IPs etc in PREFIXes .

Restart apache ( I did - may not be necessary )

Additional IP address will then be visible in admin panel for new user setup.

Hope this helps somebody....

13

CentOS 7 Problems / Re: Just moved to CWP7 - couple issues

« on: February 20, 2017, 02:58:31 AM »

I had same problem with advanced file manager - its a bug, ran /scripts/update_cwp and that fixed the problem, hope that helps.

14

CentOS-WebPanel Bugs / Script reset mysql password fails cwp on centos 7

« on: February 17, 2017, 05:31:31 AM »

Installed CWP latest on centos 7, ran cwp update latest.

Ran script to update mysql password, and then login to panel failed with error message, obfuscated and check mysql password etc, so I edited a copy of script to put original password back (which I fortunately had) ran it and then was able to log in normally.

This script worked on my centos 6 previous install on same hardware (and still does) but not on latest centos 7 install with mariadb, there appears to be something in the script that is not operating correctly with this CWP (ver 241), I have tried it out several times and it happens consistently.