1st September 2006, 00:46
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Core 4: Error Messages on Fresh Install re CTX/SSL
Thank is advance to anyone reading and helping. ~jjw
Fresh install Core 4 following perfect setup (except: I never added extra virtual IPs)
We have a local DNS server that points correctly to the new ISPConfig-installed server.
I set up a site, and a mail user (web1_test). I then attemtped to connect to get mail with Thunderbird, set up for secure connection. It failed, and I got similar error messages as a previous failed attempt remotely.
Here are the errors:
Code:
Aug 31 18:04:58 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:04:58 mail postfix/master[29873]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:07:04 mail ipop3d[30995]: pop3 service init from 127.0.0.1
Aug 31 18:08:15 mail ipop3d[31606]: pop3 service init from 127.0.0.1
Aug 31 18:08:16 mail ipop3d[31606]: Login user=web1_lucifer host=localhost.local domain [127.0.0.1] nmsgs=0/0
Aug 31 18:08:16 mail ipop3d[31606]: Command stream end of file while reading lin e user=web1_lucifer host=localhost.localdomain [127.0.0.1]
Aug 31 18:19:47 mail ipop3d[29003]: pop3s SSL service init from 192.168.0.13
Aug 31 18:19:47 mail ipop3d[29003]: Unable to load certificate from /usr/share/s sl/certs/ipop3d.pem, host=[192.168.0.13]
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:02001002:system libr ary:fopen:No such file or directory
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:20074002:BIO routine s:FILE_CTRL:system lib
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:140DC002:SSL routine s:SSL_CTX_use_certificate_chain_file:system lib
Aug 31 18:31:54 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:31:54 mail postfix/master[2204]: daemon started -- version 2.2.2, conf iguration /etc/postfix
I then attempted a non-secure connection. It never worked, and there were no new entries in maillog. :| Matter of fact, I rebooted the system and attempted another non-secure connection. Again, nothing new added.
Where have I erred?
Entire maillog:
Code:
Aug 31 16:24:11 mail sendmail[2031]: alias database /etc/aliases rebuilt by root
Aug 31 16:24:11 mail sendmail[2031]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
Aug 31 16:24:11 mail sendmail[2035]: starting daemon (8.13.4): SMTP+queueing@01: 00:00
Aug 31 16:24:11 mail sm-msp-queue[2041]: starting daemon (8.13.4): queueing@01:0 0:00
Aug 31 17:01:12 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 17:01:12 mail postfix/master[4051]: daemon started -- version 2.2.2, conf iguration /etc/postfix
Aug 31 17:01:12 mail postfix/smtpd[4080]: connect from localhost.localdomain[127 .0.0.1]
Aug 31 17:01:22 mail postfix/smtpd[4080]: disconnect from localhost.localdomain[ 127.0.0.1]
Aug 31 17:29:16 mail sendmail[20178]: k7VLTGmu020178: from=root, size=822, class =0, nrcpts=1, msgid=<200608312129.k7VLTGmu020178@mail.wnetworks.net>, relay=root @localhost
Aug 31 17:29:17 mail postfix/smtpd[20179]: connect from localhost.localdomain[12 7.0.0.1]
Aug 31 17:29:17 mail postfix/smtpd[20179]: setting up TLS connection from localh ost.localdomain[127.0.0.1]
Aug 31 17:29:17 mail postfix/smtpd[20179]: TLS connection established from local host.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Aug 31 17:29:17 mail sendmail[20178]: STARTTLS=client, relay=[127.0.0.1], versio n=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Aug 31 17:29:17 mail postfix/smtpd[20179]: 901E676E2A9: client=localhost.localdo main[127.0.0.1], sasl_sender=root@mail.wnetworks.net
Aug 31 17:29:17 mail postfix/cleanup[20182]: 901E676E2A9: message-id=<2006083121 29.k7VLTGmu020178@mail.wnetworks.net>
Aug 31 17:29:17 mail postfix/qmgr[4057]: 901E676E2A9: from=<root@mail.wnetworks. net>, size=1448, nrcpt=1 (queue active)
Aug 31 17:29:17 mail sendmail[20178]: k7VLTGmu020178: to=root, ctladdr=root (0/0 ), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30822, relay=[127.0.0.1] [ 127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 901E676E2A9)
Aug 31 17:29:17 mail postfix/smtpd[20179]: disconnect from localhost.localdomain [127.0.0.1]
Aug 31 17:29:17 mail postfix/local[20183]: 901E676E2A9: to=<root@mail.wnetworks. net>, relay=local, delay=0, status=sent (delivered to mailbox)
Aug 31 17:29:17 mail postfix/qmgr[4057]: 901E676E2A9: removed
Aug 31 17:57:38 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 17:57:38 mail postfix/master[4051]: terminating on signal 15
Aug 31 17:57:41 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 17:57:41 mail postfix/master[14695]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 17:58:18 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 17:58:18 mail postfix/master[14695]: terminating on signal 15
Aug 31 17:58:19 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 17:58:19 mail postfix/master[17235]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:04:18 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 18:04:18 mail postfix/master[17235]: terminating on signal 15
Aug 31 18:04:23 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:04:23 mail postfix/master[29452]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:04:57 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 18:04:57 mail postfix/master[29452]: terminating on signal 15
Aug 31 18:04:58 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:04:58 mail postfix/master[29873]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:07:04 mail ipop3d[30995]: pop3 service init from 127.0.0.1
Aug 31 18:08:15 mail ipop3d[31606]: pop3 service init from 127.0.0.1
Aug 31 18:08:16 mail ipop3d[31606]: Login user=web1_lucifer host=localhost.local domain [127.0.0.1] nmsgs=0/0
Aug 31 18:08:16 mail ipop3d[31606]: Command stream end of file while reading lin e user=web1_lucifer host=localhost.localdomain [127.0.0.1]
Aug 31 18:19:47 mail ipop3d[29003]: pop3s SSL service init from 192.168.0.13
Aug 31 18:19:47 mail ipop3d[29003]: Unable to load certificate from /usr/share/s sl/certs/ipop3d.pem, host=[192.168.0.13]
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:02001002:system libr ary:fopen:No such file or directory
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:20074002:BIO routine s:FILE_CTRL:system lib
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:140DC002:SSL routine s:SSL_CTX_use_certificate_chain_file:system lib
Aug 31 18:31:54 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:31:54 mail postfix/master[2204]: daemon started -- version 2.2.2, conf iguration /etc/postfix
Aug 31 18:32:33 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 18:32:33 mail postfix/master[2204]: terminating on signal 15
Aug 31 18:32:34 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:32:35 mail postfix/master[2553]: daemon started -- version 2.2.2, conf iguration /etc/postfix
|
1st September 2006, 00:57
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
# find / -name ipop3d.pem yields nothing. Of course then, this error message:
Code:
Aug 31 18:53:50 mail ipop3d[3621]: Unable to load certificate from /usr/share/ssl/certs/ipop3d.pem, host=[192.168.0.13]
So, why is there no ipop3d.pem? 
|
1st September 2006, 00:59
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
# find / -name "*.pem"
/etc/pki/tls/cert.pem
/etc/pki/dovecot/dovecot.pem
/etc/pki/dovecot/private/dovecot.pem
/etc/postfix/ssl/cacert.pem
/etc/postfix/ssl/cakey.pem
/usr/share/swamp/CA.pem
/usr/share/swamp/A-client.pem
/home/joe/Desktop/edMailServer/master/etc/postfix/ssl/cacert.pem
/home/joe/Desktop/edMailServer/master/etc/postfix/ssl/cakey.pem
|
1st September 2006, 10:01
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,911
Thanks: 693
Thanked 4,198 Times in 3,213 Posts
|
|
Your ipop3d ssl certificates where missing. Try to reinstall ipop3d, the certificates where normally generated automatically during installation.
|
1st September 2006, 12:31
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Thank you for the response Till.
I am not sure how to do this, as there is no outright declaration for install pop3d in the perfect setup guide. How would you do this?
~jjw
|
1st September 2006, 19:47
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Trying Again
Thanks for reading ~ jjw
Ok, so I started from scratch again. Followed the perfect install for Core 4 (except, no added IPs-why does it tell us to do this if we don't use them?).
Followed it every step of the way, and I'm getting the same error messages:
Code:
Sep 1 13:35:28 mail postfix/master[4185]: daemon started -- version 2.2.2, configuration /etc/postfix
Sep 1 13:35:47 mail ipop3d[4226]: pop3 service init from 127.0.0.1
Sep 1 13:35:47 mail ipop3d[4226]: Login user=web1_newTest host=localhost.localdomain [127.0.0.1] nmsgs=0/0
Sep 1 13:35:47 mail ipop3d[4226]: Command stream end of file while reading line user=web1_newTest host=localhost.localdomain [127.0.0.1]
Sep 1 13:40:01 mail ipop3d[4560]: pop3 service init from 192.168.0.13
Sep 1 13:40:26 mail ipop3d[4560]: Command stream end of file while reading line user=??? host=[192.168.0.13]
Sep 1 13:40:44 mail ipop3d[4583]: pop3s SSL service init from 192.168.0.13
Sep 1 13:40:44 mail ipop3d[4583]: Unable to load certificate from /usr/share/ssl/certs/ipop3d.pem, host=[192.168.0.13]
Sep 1 13:40:44 mail ipop3d[4583]: SSL error status: error:02001002:system library:fopen:No such file or directory
Sep 1 13:40:44 mail ipop3d[4583]: SSL error status: error:20074002:BIO routines:FILE_CTRL:system lib
Sep 1 13:40:44 mail ipop3d[4583]: SSL error status: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib
I have DNS pointing to the IP address of the interface, and you can see I started a connection. If I followed the perfect install, why wasn't this certificate created?
In fact, I got an error this time after reinstall (8182 corrupt certificate), and followed the dorections here for a rebuild:
http://www.wallpaperama.com/disp-post70.html
The 8182 error has happened every time I've done an install, except one time. Can someone tell me where I am wrong?
~jjw
|
2nd September 2006, 10:08
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,911
Thanks: 693
Thanked 4,198 Times in 3,213 Posts
|
|
Are you able to connect to pop3 without ssl encryption?
|
3rd September 2006, 16:03
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Quote:
|
Originally Posted by till
Are you able to connect to pop3 without ssl encryption?
|
Thank you Till. I have since done two complete re-installs of OS & ISPConfig, and getting the same issue.
To answer your question: Yes, I can connect to pop3 from another machine from command line, and send email to the newest account I have created. I can see the statistics, and I can see the email in the mbox file (I've since changed to Maildir). Yet, cannot connect with mail client using SSL.
|
3rd September 2006, 18:18
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 31,911
Thanks: 693
Thanked 4,198 Times in 3,213 Posts
|
|
Please post the output of:
netstat -tap
|
3rd September 2006, 20:07
|
|
Member
|
|
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
netstat -tap:
Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 2002/xinetd
tcp 0 0 *:32769 *:* LISTEN 1670/rpc.statd
tcp 0 0 *:pop3s *:* LISTEN 2002/xinetd
tcp 0 0 *:mysql *:* LISTEN 2093/mysqld
tcp 0 0 *:pop3 *:* LISTEN 2002/xinetd
tcp 0 0 *:imap *:* LISTEN 2002/xinetd
tcp 0 0 *:sunrpc *:* LISTEN 1651/portmap
tcp 0 0 *:81 *:* LISTEN 2415/ispconfig_http
tcp 0 0 192.168.0.10:domain *:* LISTEN 3370/named
tcp 0 0 mail.wnetworks.net:domain *:* LISTEN 3370/named
tcp 0 0 mail.wnetworks.net:ipp *:* LISTEN 1945/cupsd
tcp 0 0 mail.wnetworks.net:5335 *:* LISTEN 1927/mDNSResponder
tcp 0 0 mail.wnetworks.net:rndc *:* LISTEN 3370/named
tcp 0 0 *:smtp *:* LISTEN 3339/master
tcp 0 0 mail.wnetworks.net:rndc mail.wnetworks.net:46981 TIME_WAIT -
tcp 0 0 mail.wnetworks.net:53582 mail.wnetworks.net:ipp ESTABLISHED 3602/eggcups
tcp 0 0 mail.wnetworks.net:ipp mail.wnetworks.net:53582 ESTABLISHED 1945/cupsd
tcp 0 0 *:http *:* LISTEN 3271/httpd
tcp 0 0 *:ftp *:* LISTEN 3390/proftpd: (acce
tcp 0 0 *:ssh *:* LISTEN 1993/sshd
tcp 0 0 *:https *:* LISTEN 3271/httpd
tcp 0 0 ::ffff:192.168.0.10:ssh ::ffff:192.168.0.13:1204 ESTABLISHED 2975/sshd: joe [pri
tcp 0 0 ::ffff:192.168.0.10:ssh ::ffff:192.168.0.13:1203 ESTABLISHED 2955/sshd: joe [pri
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT +2. The time now is 14:37.
|
|
English | 
Deutsch
Recent comments
13 hours 16 min ago
18 hours 21 min ago
22 hours 45 min ago
1 day 34 min ago
1 day 14 hours ago
1 day 14 hours ago
1 day 19 hours ago
2 days 2 hours ago
2 days 3 hours ago
2 days 4 hours ago