Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 1st September 2006, 00:46
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
Default Core 4: Error Messages on Fresh Install re CTX/SSL

Thank is advance to anyone reading and helping. ~jjw

Fresh install Core 4 following perfect setup (except: I never added extra virtual IPs)

We have a local DNS server that points correctly to the new ISPConfig-installed server.

I set up a site, and a mail user (web1_test). I then attemtped to connect to get mail with Thunderbird, set up for secure connection. It failed, and I got similar error messages as a previous failed attempt remotely.

Here are the errors:
Code:
Aug 31 18:04:58 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:04:58 mail postfix/master[29873]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:07:04 mail ipop3d[30995]: pop3 service init from 127.0.0.1
Aug 31 18:08:15 mail ipop3d[31606]: pop3 service init from 127.0.0.1
Aug 31 18:08:16 mail ipop3d[31606]: Login user=web1_lucifer host=localhost.local domain [127.0.0.1] nmsgs=0/0
Aug 31 18:08:16 mail ipop3d[31606]: Command stream end of file while reading lin e user=web1_lucifer host=localhost.localdomain [127.0.0.1]
Aug 31 18:19:47 mail ipop3d[29003]: pop3s SSL service init from 192.168.0.13
Aug 31 18:19:47 mail ipop3d[29003]: Unable to load certificate from /usr/share/s sl/certs/ipop3d.pem, host=[192.168.0.13]
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:02001002:system libr ary:fopen:No such file or directory
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:20074002:BIO routine s:FILE_CTRL:system lib
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:140DC002:SSL routine s:SSL_CTX_use_certificate_chain_file:system lib
Aug 31 18:31:54 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:31:54 mail postfix/master[2204]: daemon started -- version 2.2.2, conf iguration /etc/postfix
I then attempted a non-secure connection. It never worked, and there were no new entries in maillog. :| Matter of fact, I rebooted the system and attempted another non-secure connection. Again, nothing new added.

Where have I erred?

Entire maillog:
Code:
Aug 31 16:24:11 mail sendmail[2031]: alias database /etc/aliases rebuilt by root
Aug 31 16:24:11 mail sendmail[2031]: /etc/aliases: 76 aliases, longest 10 bytes,  765 bytes total
Aug 31 16:24:11 mail sendmail[2035]: starting daemon (8.13.4): SMTP+queueing@01: 00:00
Aug 31 16:24:11 mail sm-msp-queue[2041]: starting daemon (8.13.4): queueing@01:0 0:00
Aug 31 17:01:12 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 17:01:12 mail postfix/master[4051]: daemon started -- version 2.2.2, conf iguration /etc/postfix
Aug 31 17:01:12 mail postfix/smtpd[4080]: connect from localhost.localdomain[127 .0.0.1]
Aug 31 17:01:22 mail postfix/smtpd[4080]: disconnect from localhost.localdomain[ 127.0.0.1]
Aug 31 17:29:16 mail sendmail[20178]: k7VLTGmu020178: from=root, size=822, class =0, nrcpts=1, msgid=<200608312129.k7VLTGmu020178@mail.wnetworks.net>, relay=root @localhost
Aug 31 17:29:17 mail postfix/smtpd[20179]: connect from localhost.localdomain[12 7.0.0.1]
Aug 31 17:29:17 mail postfix/smtpd[20179]: setting up TLS connection from localh ost.localdomain[127.0.0.1]
Aug 31 17:29:17 mail postfix/smtpd[20179]: TLS connection established from local host.localdomain[127.0.0.1]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Aug 31 17:29:17 mail sendmail[20178]: STARTTLS=client, relay=[127.0.0.1], versio n=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256
Aug 31 17:29:17 mail postfix/smtpd[20179]: 901E676E2A9: client=localhost.localdo main[127.0.0.1], sasl_sender=root@mail.wnetworks.net
Aug 31 17:29:17 mail postfix/cleanup[20182]: 901E676E2A9: message-id=<2006083121 29.k7VLTGmu020178@mail.wnetworks.net>
Aug 31 17:29:17 mail postfix/qmgr[4057]: 901E676E2A9: from=<root@mail.wnetworks. net>, size=1448, nrcpt=1 (queue active)
Aug 31 17:29:17 mail sendmail[20178]: k7VLTGmu020178: to=root, ctladdr=root (0/0 ), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30822, relay=[127.0.0.1] [ 127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 901E676E2A9)
Aug 31 17:29:17 mail postfix/smtpd[20179]: disconnect from localhost.localdomain [127.0.0.1]
Aug 31 17:29:17 mail postfix/local[20183]: 901E676E2A9: to=<root@mail.wnetworks. net>, relay=local, delay=0, status=sent (delivered to mailbox)
Aug 31 17:29:17 mail postfix/qmgr[4057]: 901E676E2A9: removed
Aug 31 17:57:38 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 17:57:38 mail postfix/master[4051]: terminating on signal 15
Aug 31 17:57:41 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 17:57:41 mail postfix/master[14695]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 17:58:18 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 17:58:18 mail postfix/master[14695]: terminating on signal 15
Aug 31 17:58:19 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 17:58:19 mail postfix/master[17235]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:04:18 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 18:04:18 mail postfix/master[17235]: terminating on signal 15
Aug 31 18:04:23 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:04:23 mail postfix/master[29452]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:04:57 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 18:04:57 mail postfix/master[29452]: terminating on signal 15
Aug 31 18:04:58 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:04:58 mail postfix/master[29873]: daemon started -- version 2.2.2, con figuration /etc/postfix
Aug 31 18:07:04 mail ipop3d[30995]: pop3 service init from 127.0.0.1
Aug 31 18:08:15 mail ipop3d[31606]: pop3 service init from 127.0.0.1
Aug 31 18:08:16 mail ipop3d[31606]: Login user=web1_lucifer host=localhost.local domain [127.0.0.1] nmsgs=0/0
Aug 31 18:08:16 mail ipop3d[31606]: Command stream end of file while reading lin e user=web1_lucifer host=localhost.localdomain [127.0.0.1]
Aug 31 18:19:47 mail ipop3d[29003]: pop3s SSL service init from 192.168.0.13
Aug 31 18:19:47 mail ipop3d[29003]: Unable to load certificate from /usr/share/s sl/certs/ipop3d.pem, host=[192.168.0.13]
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:02001002:system libr ary:fopen:No such file or directory
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:20074002:BIO routine s:FILE_CTRL:system lib
Aug 31 18:19:47 mail ipop3d[29003]: SSL error status: error:140DC002:SSL routine s:SSL_CTX_use_certificate_chain_file:system lib
Aug 31 18:31:54 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:31:54 mail postfix/master[2204]: daemon started -- version 2.2.2, conf iguration /etc/postfix
Aug 31 18:32:33 mail postfix/postfix-script: stopping the Postfix mail system
Aug 31 18:32:33 mail postfix/master[2204]: terminating on signal 15
Aug 31 18:32:34 mail postfix/postfix-script: starting the Postfix mail system
Aug 31 18:32:35 mail postfix/master[2553]: daemon started -- version 2.2.2, conf iguration /etc/postfix
Reply With Quote
Sponsored Links
  #2  
Old 1st September 2006, 00:57
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
Default

# find / -name ipop3d.pem yields nothing. Of course then, this error message:
Code:
Aug 31 18:53:50 mail ipop3d[3621]: Unable to load certificate from /usr/share/ssl/certs/ipop3d.pem, host=[192.168.0.13]
So, why is there no ipop3d.pem?
Reply With Quote
  #3  
Old 1st September 2006, 00:59
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
Default

# find / -name "*.pem"
/etc/pki/tls/cert.pem
/etc/pki/dovecot/dovecot.pem
/etc/pki/dovecot/private/dovecot.pem
/etc/postfix/ssl/cacert.pem
/etc/postfix/ssl/cakey.pem
/usr/share/swamp/CA.pem
/usr/share/swamp/A-client.pem
/home/joe/Desktop/edMailServer/master/etc/postfix/ssl/cacert.pem
/home/joe/Desktop/edMailServer/master/etc/postfix/ssl/cakey.pem
Reply With Quote
  #4  
Old 1st September 2006, 10:01
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,777
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

Your ipop3d ssl certificates where missing. Try to reinstall ipop3d, the certificates where normally generated automatically during installation.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 1st September 2006, 12:31
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thank you for the response Till.

I am not sure how to do this, as there is no outright declaration for install pop3d in the perfect setup guide. How would you do this?

~jjw
Reply With Quote
  #6  
Old 1st September 2006, 19:47
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
Default Trying Again

Thanks for reading ~ jjw

Ok, so I started from scratch again. Followed the perfect install for Core 4 (except, no added IPs-why does it tell us to do this if we don't use them?).

Followed it every step of the way, and I'm getting the same error messages:
Code:
Sep  1 13:35:28 mail postfix/master[4185]: daemon started -- version 2.2.2, configuration /etc/postfix
Sep  1 13:35:47 mail ipop3d[4226]: pop3 service init from 127.0.0.1
Sep  1 13:35:47 mail ipop3d[4226]: Login user=web1_newTest host=localhost.localdomain [127.0.0.1] nmsgs=0/0
Sep  1 13:35:47 mail ipop3d[4226]: Command stream end of file while reading line user=web1_newTest host=localhost.localdomain [127.0.0.1]
Sep  1 13:40:01 mail ipop3d[4560]: pop3 service init from 192.168.0.13
Sep  1 13:40:26 mail ipop3d[4560]: Command stream end of file while reading line user=??? host=[192.168.0.13]
Sep  1 13:40:44 mail ipop3d[4583]: pop3s SSL service init from 192.168.0.13
Sep  1 13:40:44 mail ipop3d[4583]: Unable to load certificate from /usr/share/ssl/certs/ipop3d.pem, host=[192.168.0.13]
Sep  1 13:40:44 mail ipop3d[4583]: SSL error status: error:02001002:system library:fopen:No such file or directory
Sep  1 13:40:44 mail ipop3d[4583]: SSL error status: error:20074002:BIO routines:FILE_CTRL:system lib
Sep  1 13:40:44 mail ipop3d[4583]: SSL error status: error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib
I have DNS pointing to the IP address of the interface, and you can see I started a connection. If I followed the perfect install, why wasn't this certificate created?

In fact, I got an error this time after reinstall (8182 corrupt certificate), and followed the dorections here for a rebuild:

http://www.wallpaperama.com/disp-post70.html

The 8182 error has happened every time I've done an install, except one time. Can someone tell me where I am wrong?

~jjw
Reply With Quote
  #7  
Old 2nd September 2006, 10:08
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,777
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

Are you able to connect to pop3 without ssl encryption?
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #8  
Old 3rd September 2006, 16:03
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till
Are you able to connect to pop3 without ssl encryption?
Thank you Till. I have since done two complete re-installs of OS & ISPConfig, and getting the same issue.

To answer your question: Yes, I can connect to pop3 from another machine from command line, and send email to the newest account I have created. I can see the statistics, and I can see the email in the mbox file (I've since changed to Maildir). Yet, cannot connect with mail client using SSL.
Reply With Quote
  #9  
Old 3rd September 2006, 18:18
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 35,777
Thanks: 821
Thanked 5,332 Times in 4,184 Posts
Default

Please post the output of:

netstat -tap
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #10  
Old 3rd September 2006, 20:07
jjw jjw is offline
Member
 
Join Date: Aug 2006
Posts: 87
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

netstat -tap:
Code:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 *:imaps                     *:*                         LISTEN      2002/xinetd
tcp        0      0 *:32769                     *:*                         LISTEN      1670/rpc.statd
tcp        0      0 *:pop3s                     *:*                         LISTEN      2002/xinetd
tcp        0      0 *:mysql                     *:*                         LISTEN      2093/mysqld
tcp        0      0 *:pop3                      *:*                         LISTEN      2002/xinetd
tcp        0      0 *:imap                      *:*                         LISTEN      2002/xinetd
tcp        0      0 *:sunrpc                    *:*                         LISTEN      1651/portmap
tcp        0      0 *:81                        *:*                         LISTEN      2415/ispconfig_http
tcp        0      0 192.168.0.10:domain         *:*                         LISTEN      3370/named
tcp        0      0 mail.wnetworks.net:domain   *:*                         LISTEN      3370/named
tcp        0      0 mail.wnetworks.net:ipp      *:*                         LISTEN      1945/cupsd
tcp        0      0 mail.wnetworks.net:5335     *:*                         LISTEN      1927/mDNSResponder
tcp        0      0 mail.wnetworks.net:rndc     *:*                         LISTEN      3370/named
tcp        0      0 *:smtp                      *:*                         LISTEN      3339/master
tcp        0      0 mail.wnetworks.net:rndc     mail.wnetworks.net:46981    TIME_WAIT   -
tcp        0      0 mail.wnetworks.net:53582    mail.wnetworks.net:ipp      ESTABLISHED 3602/eggcups
tcp        0      0 mail.wnetworks.net:ipp      mail.wnetworks.net:53582    ESTABLISHED 1945/cupsd
tcp        0      0 *:http                      *:*                         LISTEN      3271/httpd
tcp        0      0 *:ftp                       *:*                         LISTEN      3390/proftpd: (acce
tcp        0      0 *:ssh                       *:*                         LISTEN      1993/sshd
tcp        0      0 *:https                     *:*                         LISTEN      3271/httpd
tcp        0      0 ::ffff:192.168.0.10:ssh     ::ffff:192.168.0.13:1204    ESTABLISHED 2975/sshd: joe [pri
tcp        0      0 ::ffff:192.168.0.10:ssh     ::ffff:192.168.0.13:1203    ESTABLISHED 2955/sshd: joe [pri
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora Core 5 graphical install rlhesson Installation/Configuration 2 14th August 2006 17:00
quota question on perfect install fedora core 5.0 bmayock HOWTO-Related Questions 7 6th July 2006 13:20
Regarding the Fedora Core 5 Perfect Install - Quota EricS HOWTO-Related Questions 4 30th May 2006 04:21
Fedora Core 5 x64 Perfect Install Question? gjcomputer Installation/Configuration 1 26th April 2006 09:27
Fresh Install of FC4 using Perfect Install HowTo latcarf HOWTO-Related Questions 21 10th August 2005 22:55


All times are GMT +2. The time now is 08:23.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.