mail_sni for dovecot and exim sni certificates

elvinas

New member
Joined
Jun 11, 2018
Messages
6
I followed this guide: https://www.directadmin.com/features.php?id=2019 but I still cannot get it working.
The task `echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue` does not add anything to /etc/virtual/snidomains nor to /etc/dovecot/conf/sni.

When I generate Let's Encrypt certificate in DA SSL page the /etc/virtual/snidomains is updated but the /etc/dovecot/conf/sni folder is still empty. Also I don't know if it is related but I noticed this error at the end of the output:

Cannot find the dovecot_sni.conf template.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,902
Location
GMT +7.00
Hello,

Did you run the installation commands?

Code:
cd /usr/local/directadmin
echo mail_sni=1 >> conf/directadmin.conf
service directadmin restart
cd custombuild
./build update
./build set eximconf yes
./build set eximconf_release 4.5
./build set dovecot_conf yes
./build exim_conf
./build dovecot_conf


Did all of them finished without errors?

I'd add:

Code:
./build set dovecot yes
./build dovecot

and what you have with

Code:
./build version
./build options
?
 

elvinas

New member
Joined
Jun 11, 2018
Messages
6
Yes, I did.

The output

Code:
[root@live custombuild]# ./build version
2.0.0 (rev: 1879)
[root@live custombuild]# ./build options
Apache: 2.4.33
mod_ruid2: no
ModSecurity: no
htscanner: no
Dovecot: 2.3.1
Dovecot configuration: yes
AWstats: no
Exim: 4.91
exim.conf update: yes, release 4.5
BlockCracking: no
Easy Spam Fighter: no
SpamAssassin: no
ClamAV: no
MariaDB: 10.2.15
MySQL backup: yes
MySQL backup directory: /usr/local/directadmin/custombuild/mysql_backups
MySQL compress backups: no
PHP (default): 5.6 as php-fpm
PHP (additional): 7.2 as php-fpm
phpMyAdmin: 4.8.1-all-languages
ProFTPD: no
Pure-FTPd: 1.0.47
RoundCube webmail: 1.3.6
Replace "php.ini" with './build all' and './build php_ini': no
Auto updates/notifications: no
Run "clean" every time: yes
Run "clean_old_webapps" every time: yes
Run "clean_old_tarballs" every time: yes
Show texts in bold: yes
SquirrelMail: 1.4.23-20180516_0203
Zend Guard Loader: no
ionCube loader: no
Suhosin: no
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,902
Location
GMT +7.00
and

Code:
/usr/local/directadmin/directadmin v
Code:
/usr/local/directadmin/directadmin o
?


and again

Code:
service directadmin restart

echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d800


cat /etc/virtual/snidomains


ls -la /etc/dovecot/conf/sni/
?
 

elvinas

New member
Joined
Jun 11, 2018
Messages
6
Code:
[root@live]# /usr/local/directadmin/directadmin v
Version: DirectAdmin v.1.53.0
[root@live]# /usr/local/directadmin/directadmin o
Compiled on 'CentOS 6.0 64-Bit'
Compile time: Mar 14 2018 at 20:27:20
Compiled with IPv6
The `echo "action=rewrite&value=mail_sni" >> /usr/local/directadmin/data/task.queue && /usr/local/directadmin/dataskq d8001` command displayed some output, e.g:

Code:
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.key) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.key: 'diradmin:mail' -rw-r-----, running as root:root
Ssl::ensure_sni_read(/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined) has permissions:
/usr/local/directadmin/data/users/__USER__/domains/__DOMAIN__.cert.combined: 'diradmin:mail' -rw-r-----, running as root:root
I replaced real user and real domain with placeholders (__USER__ and __DOMAIN__).


Code:
[root@live]# cat /etc/virtual/snidomains
[root@live]# ls -la /etc/dovecot/conf/sni/
total 8
drwxr-xr-x 2 mail mail 4096 May 12 12:47 .
drwxr-xr-x 3 root root 4096 Jun 12 10:18 ..
 

elvinas

New member
Joined
Jun 11, 2018
Messages
6
Looks like that the problem was solved after updating to 1.53.1

The problem was (and as I mentioned at the first post) that the dovecot_sni.conf was missing. It was recreated with the latest update and everything works fine now.
 

Panos Georgakop

New member
Joined
Dec 5, 2018
Messages
3
Same issue

Hi there,
I am having the same issue, but i cannot solve it. I am running DirectAdmin 1.54.1 and i am getting the same error: dovecot sni.template is missing. Can anyone help me solve this?
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,221
Location
Maastricht
First do this:
Code:
/usr/local/directadmin/directadmin c | grep mail_sni
if it answers
mail_sni=1 then this part is ok.

After that you can try to reinstall Dovecot, it should install the templates then. For Centos:
Code:
cd /usr/local/directadmin/custombuild
./build set dovecot yes
./build set dovecot_conf yes
./build update
./build dovecot
./build dovecot_conf
 

Panos Georgakop

New member
Joined
Dec 5, 2018
Messages
3
First do this:
Code:
/usr/local/directadmin/directadmin c | grep mail_sni
if it answers
mail_sni=1 then this part is ok.

After that you can try to reinstall Dovecot, it should install the templates then. For Centos:
Code:
cd /usr/local/directadmin/custombuild
./build set dovecot yes
./build set dovecot_conf yes
./build update
./build dovecot
./build dovecot_conf

I did that but i am getting the same error.
"Cannot find the dovecot_sni.conf template."
Any other ideas?

thank you.
 

Panos Georgakop

New member
Joined
Dec 5, 2018
Messages
3
Hi Richard,
I did those steps but still i am getting the same error. That the template is missing and could not be found.
Do you have any other suggestion?
Regards
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,221
Location
Maastricht
No sorry. If you have tried all steps above and you have the latest DA version with the needed SSL settings and correct dovecot.conf and exim.conf and exim.pl version I don't know.
You might best wait for another reply or consider sending in a ticket.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,902
Location
GMT +7.00
Kindly show a screenshot or more text where you get "sni.template" error. And what do you do to get the error?
 
Top