Results 1 to 8 of 8

Thread: mail_sni for dovecot and exim sni certificates

  1. #1
    Join Date
    Jun 2018
    Posts
    6

    mail_sni for dovecot and exim sni certificates

    I followed this guide: https://www.directadmin.com/features.php?id=2019 but I still cannot get it working.
    The task `echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue` does not add anything to /etc/virtual/snidomains nor to /etc/dovecot/conf/sni.

    When I generate Let's Encrypt certificate in DA SSL page the /etc/virtual/snidomains is updated but the /etc/dovecot/conf/sni folder is still empty. Also I don't know if it is related but I noticed this error at the end of the output:

    Cannot find the dovecot_sni.conf template.

  2. #2
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,287
    Hello,

    Did you run the installation commands?

    Code:
    cd /usr/local/directadmin
    echo mail_sni=1 >> conf/directadmin.conf
    service directadmin restart
    cd custombuild
    ./build update
    ./build set eximconf yes
    ./build set eximconf_release 4.5
    ./build set dovecot_conf yes
    ./build exim_conf
    ./build dovecot_conf


    Did all of them finished without errors?

    I'd add:

    Code:
    ./build set dovecot yes
    ./build dovecot

    and what you have with

    Code:
    ./build version
    ./build options
    ?

  3. #3
    Join Date
    Jun 2018
    Posts
    6
    Yes, I did.

    The output

    Code:
    [root@live custombuild]# ./build version
    2.0.0 (rev: 1879)
    [root@live custombuild]# ./build options
    Apache: 2.4.33
    mod_ruid2: no
    ModSecurity: no
    htscanner: no
    Dovecot: 2.3.1
    Dovecot configuration: yes
    AWstats: no
    Exim: 4.91
    exim.conf update: yes, release 4.5
    BlockCracking: no
    Easy Spam Fighter: no
    SpamAssassin: no
    ClamAV: no
    MariaDB: 10.2.15
    MySQL backup: yes
    MySQL backup directory: /usr/local/directadmin/custombuild/mysql_backups
    MySQL compress backups: no
    PHP (default): 5.6 as php-fpm
    PHP (additional): 7.2 as php-fpm
    phpMyAdmin: 4.8.1-all-languages
    ProFTPD: no
    Pure-FTPd: 1.0.47
    RoundCube webmail: 1.3.6
    Replace "php.ini" with './build all' and './build php_ini': no
    Auto updates/notifications: no
    Run "clean" every time: yes
    Run "clean_old_webapps" every time: yes
    Run "clean_old_tarballs" every time: yes
    Show texts in bold: yes
    SquirrelMail: 1.4.23-20180516_0203
    Zend Guard Loader: no
    ionCube loader: no
    Suhosin: no

  4. #4
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,287
    and

    Code:
    /usr/local/directadmin/directadmin v
    Code:
    /usr/local/directadmin/directadmin o
    ?


    and again

    Code:
    service directadmin restart
    
    echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d800
    
    
    cat /etc/virtual/snidomains
    
    
    ls -la /etc/dovecot/conf/sni/
    ?

  5. #5
    Join Date
    Jun 2018
    Posts
    6
    Code:
    [root@live]# /usr/local/directadmin/directadmin v
    Version: DirectAdmin v.1.53.0
    [root@live]# /usr/local/directadmin/directadmin o
    Compiled on 'CentOS 6.0 64-Bit'
    Compile time: Mar 14 2018 at 20:27:20
    Compiled with IPv6
    The `echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d8001` command displayed some output, e.g:

    Code:
    Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
    /usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
    Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
    /usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
    Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.key) has permissions:
    /usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.key: 'diradmin:mail' -rw-r-----, running as root:root
    Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
    /usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
    I replaced real user and real domain with placeholders (__USER__ and __DOMAIN__).


    Code:
    [root@live]# cat /etc/virtual/snidomains
    [root@live]# ls -la /etc/dovecot/conf/sni/
    total 8
    drwxr-xr-x 2 mail mail 4096 May 12 12:47 .
    drwxr-xr-x 3 root root 4096 Jun 12 10:18 ..

  6. #6
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    12,287
    /usr/local/directadmin/directadmin c | grep mail_sni

    ?

  7. #7
    Join Date
    Jun 2018
    Posts
    6
    Code:
    [root@live ~]# /usr/local/directadmin/directadmin c | grep mail_sni
    mail_sni=1

    Quote Originally Posted by zEitEr View Post
    /usr/local/directadmin/directadmin c | grep mail_sni

    ?

  8. #8
    Join Date
    Jun 2018
    Posts
    6
    Looks like that the problem was solved after updating to 1.53.1

    The problem was (and as I mentioned at the first post) that the dovecot_sni.conf was missing. It was recreated with the latest update and everything works fine now.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •