mail_sni for dovecot and exim sni certificates

elvinas

Verified User
Joined
Jun 11, 2018
Messages
7
I followed this guide: https://www.directadmin.com/features.php?id=2019 but I still cannot get it working.
The task `echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue` does not add anything to /etc/virtual/snidomains nor to /etc/dovecot/conf/sni.

When I generate Let's Encrypt certificate in DA SSL page the /etc/virtual/snidomains is updated but the /etc/dovecot/conf/sni folder is still empty. Also I don't know if it is related but I noticed this error at the end of the output:

Cannot find the dovecot_sni.conf template.
 
Hello,

Did you run the installation commands?

Code:
cd /usr/local/directadmin
echo mail_sni=1 >> conf/directadmin.conf
service directadmin restart
cd custombuild
./build update
./build set eximconf yes
./build set eximconf_release 4.5
./build set dovecot_conf yes
./build exim_conf
./build dovecot_conf



Did all of them finished without errors?

I'd add:

Code:
./build set dovecot yes
./build dovecot


and what you have with

Code:
./build version
./build options
?
 
Yes, I did.

The output

Code:
[root@live custombuild]# ./build version
2.0.0 (rev: 1879)
[root@live custombuild]# ./build options
Apache: 2.4.33
mod_ruid2: no
ModSecurity: no
htscanner: no
Dovecot: 2.3.1
Dovecot configuration: yes
AWstats: no
Exim: 4.91
exim.conf update: yes, release 4.5
BlockCracking: no
Easy Spam Fighter: no
SpamAssassin: no
ClamAV: no
MariaDB: 10.2.15
MySQL backup: yes
MySQL backup directory: /usr/local/directadmin/custombuild/mysql_backups
MySQL compress backups: no
PHP (default): 5.6 as php-fpm
PHP (additional): 7.2 as php-fpm
phpMyAdmin: 4.8.1-all-languages
ProFTPD: no
Pure-FTPd: 1.0.47
RoundCube webmail: 1.3.6
Replace "php.ini" with './build all' and './build php_ini': no
Auto updates/notifications: no
Run "clean" every time: yes
Run "clean_old_webapps" every time: yes
Run "clean_old_tarballs" every time: yes
Show texts in bold: yes
SquirrelMail: 1.4.23-20180516_0203
Zend Guard Loader: no
ionCube loader: no
Suhosin: no
 
and

Code:
/usr/local/directadmin/directadmin v
Code:
/usr/local/directadmin/directadmin o

?


and again

Code:
service directadmin restart

echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d800


cat /etc/virtual/snidomains


ls -la /etc/dovecot/conf/sni/

?
 
Code:
[root@live]# /usr/local/directadmin/directadmin v
Version: DirectAdmin v.1.53.0
[root@live]# /usr/local/directadmin/directadmin o
Compiled on 'CentOS 6.0 64-Bit'
Compile time: Mar 14 2018 at 20:27:20
Compiled with IPv6

The `echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d8001` command displayed some output, e.g:

Code:
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.key) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.key: 'diradmin:mail' -rw-r-----, running as root:root
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root

I replaced real user and real domain with placeholders (__USER__ and __DOMAIN__).


Code:
[root@live]# cat /etc/virtual/snidomains
[root@live]# ls -la /etc/dovecot/conf/sni/
total 8
drwxr-xr-x 2 mail mail 4096 May 12 12:47 .
drwxr-xr-x 3 root root 4096 Jun 12 10:18 ..
 
Looks like that the problem was solved after updating to 1.53.1

The problem was (and as I mentioned at the first post) that the dovecot_sni.conf was missing. It was recreated with the latest update and everything works fine now.
 
Same issue

Hi there,
I am having the same issue, but i cannot solve it. I am running DirectAdmin 1.54.1 and i am getting the same error: dovecot sni.template is missing. Can anyone help me solve this?
 
First do this:
Code:
/usr/local/directadmin/directadmin c | grep mail_sni
if it answers
mail_sni=1 then this part is ok.

After that you can try to reinstall Dovecot, it should install the templates then. For Centos:
Code:
cd /usr/local/directadmin/custombuild
./build set dovecot yes
./build set dovecot_conf yes
./build update
./build dovecot
./build dovecot_conf
 
First do this:
Code:
/usr/local/directadmin/directadmin c | grep mail_sni
if it answers
mail_sni=1 then this part is ok.

After that you can try to reinstall Dovecot, it should install the templates then. For Centos:
Code:
cd /usr/local/directadmin/custombuild
./build set dovecot yes
./build set dovecot_conf yes
./build update
./build dovecot
./build dovecot_conf


I did that but i am getting the same error.
"Cannot find the dovecot_sni.conf template."
Any other ideas?

thank you.
 
Hi Richard,
I did those steps but still i am getting the same error. That the template is missing and could not be found.
Do you have any other suggestion?
Regards
 
No sorry. If you have tried all steps above and you have the latest DA version with the needed SSL settings and correct dovecot.conf and exim.conf and exim.pl version I don't know.
You might best wait for another reply or consider sending in a ticket.
 
Kindly show a screenshot or more text where you get "sni.template" error. And what do you do to get the error?
 
Back
Top