1 (edited by redshirt 2011-07-09 05:03:57)

Topic: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

I figure I should try to resolve the problems I was having with my first install prior to updating. (Restored jail to eliminate problems with updating noted in prior post.) I have a comodo ssl cert in place and that seems to be working (based on the domain name popping up in the icon space prior to the url in firefox).  When I try to log in to iredadmin I get this error:

https://mail.blah.net/iredadmin/login?msg=SERVER_DOWN

Logging into awstats gives:

500 Internal Server Error

I have made ssl cert/key/chain changes in dovecot.conf and httpd-ssl.conf. Logging into phpMyAdmin works fine (but errors show in httpd-error.log). I don't seem to be able to log into roundcube, but there is no obvious error. Again, there are http errors. Are there other places I need to enter the ssl information?

For reference... errors with awstats and iredadmin; /var/log/httpd-error.log:

[Sat Jul 02 14:31:43 2011] [notice] suEXEC mechanism enabled (wrapper: /usr/local/sbin/suexec)                               
[Sat Jul 02 14:31:44 2011] [notice] Digest: generating secret for digest authentication ...                                  
[Sat Jul 02 14:31:44 2011] [notice] Digest: done                                                                             
[Sat Jul 02 14:31:44 2011] [notice] Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8k DAV/2 mod_wsgi/2.8 Python/2.6.6 configured -- resuming normal operations                                                                                        
[Sat Jul 02 14:38:16 2011] [error] Optional hook test said: GET /iredadmin/ HTTP/1.1                                         
[Sat Jul 02 14:38:16 2011] [error] Optional function test said: GET /iredadmin/ HTTP/1.1                                     
[Sat Jul 02 14:38:16 2011] [error] Optional hook test said: GET /iredadmin/login?msg=SESSION_EXPIRED HTTP/1.1                
[Sat Jul 02 14:38:16 2011] [error] Optional function test said: GET /iredadmin/login?msg=SESSION_EXPIRED HTTP/1.1            
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/css/reset.css HTTP/1.1             
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/css/reset.css HTTP/1.1         
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/css/screen.css HTTP/1.1            
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/css/screen.css HTTP/1.1        
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/header.png HTTP/1.1         
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/header.png HTTP/1.1     
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/bck_white_10.png HTTP/1.1   
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/bck_white_10.png HTTP/1.1                                                                                                                            
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/login.jpg HTTP/1.1          
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/login.jpg HTTP/1.1      
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/login_header.png HTTP/1.1   
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/login_header.png HTTP/1.1                                                                                                                            
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/bck_white_50.png HTTP/1.1   
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/bck_white_50.png HTTP/1.1                                                                                                                            
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/ico_error.png HTTP/1.1      
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/ico_error.png HTTP/1.1  
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/gear.png HTTP/1.1           
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/gear.png HTTP/1.1       
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/button_glas1.png HTTP/1.1   
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/button_glas1.png HTTP/1.1                                                                                                                            
[Sat Jul 02 14:38:17 2011] [error] Optional hook test said: GET /iredadmin/static/default/images/bck_black_70.png HTTP/1.1   
[Sat Jul 02 14:38:17 2011] [error] Optional function test said: GET /iredadmin/static/default/images/bck_black_70.png HTTP/1.1                                                                                                                            
[Sat Jul 02 14:38:23 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:38:24 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:38:24 2011] [error] Optional hook test said: GET /iredadmin/ HTTP/1.1                                         
[Sat Jul 02 14:38:24 2011] [error] Optional function test said: GET /iredadmin/ HTTP/1.1                                     
[Sat Jul 02 14:38:37 2011] [error] Optional hook test said: GET /iredadmin/ HTTP/1.1                                         
[Sat Jul 02 14:38:37 2011] [error] Optional function test said: GET /iredadmin/ HTTP/1.1                                     
[Sat Jul 02 14:38:46 2011] [error] Optional hook test said: POST /iredadmin/login HTTP/1.1                                   
[Sat Jul 02 14:38:46 2011] [error] Optional function test said: POST /iredadmin/login HTTP/1.1                               
[Sat Jul 02 14:38:46 2011] [error] Optional hook test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1                    
[Sat Jul 02 14:38:46 2011] [error] Optional function test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1                
[Sat Jul 02 14:56:11 2011] [error] Optional hook test said: GET /iredadmin/ HTTP/1.1                                         
[Sat Jul 02 14:56:11 2011] [error] Optional function test said: GET /iredadmin/ HTTP/1.1                                     
[Sat Jul 02 14:56:19 2011] [error] Optional hook test said: POST /iredadmin/login HTTP/1.1                                   
[Sat Jul 02 14:56:19 2011] [error] Optional function test said: POST /iredadmin/login HTTP/1.1                               
[Sat Jul 02 14:56:19 2011] [error] Optional hook test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1                    
[Sat Jul 02 14:56:19 2011] [error] Optional function test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1                
[Sat Jul 02 14:56:30 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 14:56:31 2011] [notice] SIGHUP received.  Attempting to restart                                                  
[Sat Jul 02 14:56:31 2011] [notice] Digest: generating secret for digest authentication ...                                  
[Sat Jul 02 14:56:31 2011] [notice] Digest: done                                                                             
[Sat Jul 02 14:56:31 2011] [notice] Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8k DAV/2 mod_wsgi/2.8 Python/2.6.6 configured -- resuming normal operations                                                                                        
[Sat Jul 02 14:56:38 2011] [error] Optional hook test said: GET /iredadmin/ HTTP/1.1                                         
[Sat Jul 02 14:56:38 2011] [error] Optional function test said: GET /iredadmin/ HTTP/1.1                                     
[Sat Jul 02 14:56:45 2011] [error] Optional hook test said: POST /iredadmin/login HTTP/1.1                                   
[Sat Jul 02 14:56:45 2011] [error] Optional function test said: POST /iredadmin/login HTTP/1.1                               
[Sat Jul 02 14:56:46 2011] [error] Optional hook test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1
[Sat Jul 02 14:56:46 2011] [error] Optional function test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1
[Sat Jul 02 14:56:53 2011] [error] Optional hook test said: GET /awstats/ HTTP/1.1
[Sat Jul 02 14:56:53 2011] [error] Optional function test said: GET /awstats/ HTTP/1.1
[Sat Jul 02 14:57:06 2011] [error] Optional hook test said: GET /awstats/ HTTP/1.1
[Sat Jul 02 14:57:06 2011] [error] Optional function test said: GET /awstats/ HTTP/1.1
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:04 2011] [notice] SIGHUP received.  Attempting to restart
[Sat Jul 02 15:02:04 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 15:02:05 2011] [notice] Digest: generating secret for digest authentication ...
[Sat Jul 02 15:02:05 2011] [notice] Digest: done
[Sat Jul 02 15:02:05 2011] [notice] Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8k DAV/2 mod_wsgi/2.8 Python/2.6.6 configured -- resuming normal operations
[Sat Jul 02 15:02:07 2011] [error] Optional hook test said: GET /awstats/awstats.pl/ HTTP/1.1
[Sat Jul 02 15:02:07 2011] [error] Optional function test said: GET /awstats/awstats.pl/ HTTP/1.1
[Sat Jul 02 15:02:08 2011] [error] Optional hook test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:02:08 2011] [error] Optional function test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:02:17 2011] [error] Optional hook test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:02:17 2011] [error] Optional function test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:02:23 2011] [error] Optional hook test said: GET /iredadmin/ HTTP/1.1
[Sat Jul 02 15:02:23 2011] [error] Optional function test said: GET /iredadmin/ HTTP/1.1
[Sat Jul 02 15:02:30 2011] [error] Optional hook test said: POST /iredadmin/login HTTP/1.1
[Sat Jul 02 15:02:30 2011] [error] Optional function test said: POST /iredadmin/login HTTP/1.1
[Sat Jul 02 15:02:30 2011] [error] Optional hook test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1
[Sat Jul 02 15:02:30 2011] [error] Optional function test said: GET /iredadmin/login?msg=SERVER_DOWN HTTP/1.1
[Sat Jul 02 15:09:52 2011] [error] Optional hook test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:09:52 2011] [error] Optional function test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:09:54 2011] [error] Optional hook test said: GET /awstats/awstats.pl HTTP/1.1
[Sat Jul 02 15:09:54 2011] [error] Optional function test said: GET /awstats/awstats.pl HTTP/1.1

For reference... errors with roundcube and phpMyAdmin; /var/log/httpd-error.log:

[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/ HTTP/1.1                                              
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/ HTTP/1.1                                          
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/common.css?s=1297248710 HTTP/1.1         
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/common.css?s=1297248710 HTTP/1.1     
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/program/js/jquery-1.4.min.js?s=1289561220 HTTP/1.1     
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/program/js/jquery-1.4.min.js?s=1289561220 HTTP/1.1 
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/program/js/common.js?s=1303327063 HTTP/1.1             
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/program/js/common.js?s=1303327063 HTTP/1.1         
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/program/js/app.js?s=1303327060 HTTP/1.1                
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/program/js/app.js?s=1303327060 HTTP/1.1            
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/roundcube_logo.png HTTP/1.1       
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/roundcube_logo.png HTTP/1.1   
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/listheader.gif HTTP/1.1           
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/listheader.gif HTTP/1.1       
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/buttons/bg.gif HTTP/1.1           
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/buttons/bg.gif HTTP/1.1       
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/mail_footer.png HTTP/1.1          
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/mail_footer.png HTTP/1.1      
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/taskicons.gif HTTP/1.1            
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/taskicons.gif HTTP/1.1        
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/icons/folders.png HTTP/1.1        
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/icons/folders.png HTTP/1.1    
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/display/loading.gif HTTP/1.1      
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/display/loading.gif HTTP/1.1  
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/messageicons.png HTTP/1.1         
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/messageicons.png HTTP/1.1     
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/icons/reset.gif HTTP/1.1          
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/icons/reset.gif HTTP/1.1      
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/abook_toolbar.png HTTP/1.1        
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/abook_toolbar.png HTTP/1.1    
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/icons/groupactions.png HTTP/1.1   
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/icons/groupactions.png HTTP/1.1                                                                                                                            
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/pagenav.gif HTTP/1.1              
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/pagenav.gif HTTP/1.1          
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/watermark.gif HTTP/1.1            
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/watermark.gif HTTP/1.1        
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/searchfield.gif HTTP/1.1          
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/searchfield.gif HTTP/1.1      
[Sat Jul 02 15:16:24 2011] [error] Optional hook test said: GET /mail/skins/default/images/mail_toolbar.png HTTP/1.1         
[Sat Jul 02 15:16:24 2011] [error] Optional function test said: GET /mail/skins/default/images/mail_toolbar.png HTTP/1.1     
[Sat Jul 02 15:16:29 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 15:16:30 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 15:16:31 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored                                                                                               
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: POST /mysql/index.php HTTP/1.1                                   
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: POST /mysql/index.php HTTP/1.1                               
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/index.php?token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                                          
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/index.php?token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                                      
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery-1.4.4.js?ts=1307157346 HTTP/1.1      
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery-1.4.4.js?ts=1307157346 HTTP/1.1  
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/js/update-location.js?ts=1307157346 HTTP/1.1          
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/js/update-location.js?ts=1307157346 HTTP/1.1      
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/js/common.js?ts=1307157346 HTTP/1.1                   
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/js/common.js?ts=1307157346 HTTP/1.1               
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/main.php?token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                                           
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/main.php?token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                                       
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/navigation.php?token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                                     
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/navigation.php?token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                                 
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/print.css HTTP/1.1                                    
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/print.css HTTP/1.1                                
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/jquery/jquery-ui-1.8.custom.css HTTP/1.1                                                                                                                           
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/jquery/jquery-ui-1.8.custom.css HTTP/1.1                                                                                                                       
[Sat Jul 02 15:32:17 2011] [error] Optional hook test said: GET /mysql/phpmyadmin.css.php?server=1&token=74ecbcdc261cc3054d07386cb5f50997&js_frame=right&nocache=5231093234 HTTP/1.1                                                                      
[Sat Jul 02 15:32:17 2011] [error] Optional function test said: GET /mysql/phpmyadmin.css.php?server=1&token=74ecbcdc261cc3054d07386cb5f50997&js_frame=right&nocache=5231093234 HTTP/1.1                                                                  
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery-1.4.4.js?ts=1307157346 HTTP/1.1      
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery-1.4.4.js?ts=1307157346 HTTP/1.1  
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery-ui-1.8.custom.js?ts=1307157346 HTTP/1.1                                                                                                                           
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery-ui-1.8.custom.js?ts=1307157346 HTTP/1.1                                                                                                                       
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery.sprintf.js?ts=1307157346 HTTP/1.1    
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery.sprintf.js?ts=1307157346 HTTP/1.1
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/config.js?ts=1307157346 HTTP/1.1                   
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/config.js?ts=1307157346 HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/functions.js?ts=1307157346 HTTP/1.1                
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/functions.js?ts=1307157346 HTTP/1.1            
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery-1.4.4.js HTTP/1.1                    
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery-1.4.4.js HTTP/1.1                
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/cross_framing_protection.js?ts=1307157346 HTTP/1.1 
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/cross_framing_protection.js?ts=1307157346 HTTP/1.1                                                                                                                          
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/phpmyadmin.css.php?token=74ecbcdc261cc3054d07386cb5f50997&js_frame=left&nocache=5231093234 HTTP/1.1                                                                                
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/phpmyadmin.css.php?token=74ecbcdc261cc3054d07386cb5f50997&js_frame=left&nocache=5231093234 HTTP/1.1                                                                            
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery.qtip-1.0.0.min.js?ts=1307157346 HTTP/1.1                                                                                                                          
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery.qtip-1.0.0.min.js?ts=1307157346 HTTP/1.1                                                                                                                      
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/messages.php?lang=en&db=&token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                        
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/messages.php?lang=en&db=&token=74ecbcdc261cc3054d07386cb5f50997 HTTP/1.1                                                                                                    
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/update-location.js?ts=1307157346 HTTP/1.1          
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/update-location.js?ts=1307157346 HTTP/1.1      
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/functions.js HTTP/1.1                              
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/functions.js HTTP/1.1                          
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/js/navigation.js HTTP/1.1                             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/js/navigation.js HTTP/1.1                         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_sql.png HTTP/1.1                
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_sql.png HTTP/1.1            
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_host.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_host.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_db.png HTTP/1.1                 
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_db.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_status.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_status.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_process.png HTTP/1.1            
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_process.png HTTP/1.1        
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_rights.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_rights.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_import.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_import.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_export.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_export.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_vars.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_vars.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_engine.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_engine.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_asci.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_asci.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_replication.png HTTP/1.1        
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_replication.png HTTP/1.1    
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_tblops.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_tblops.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_sync.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_sync.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/window-new.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/window-new.png HTTP/1.1       
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_home.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_home.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/logo_left.png HTTP/1.1            
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/logo_left.png HTTP/1.1        
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_loggoff.png HTTP/1.1            
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_loggoff.png HTTP/1.1        
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_sqlhelp.png HTTP/1.1            
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_sqlhelp.png HTTP/1.1        
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_docs.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_docs.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_reload.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_reload.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_selboard.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_selboard.png HTTP/1.1       
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_help.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_help.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/left_nav_bg.png HTTP/1.1          
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/left_nav_bg.png HTTP/1.1      
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/database.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/database.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/tab_bg.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/tab_bg.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_theme.png HTTP/1.1              
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_theme.png HTTP/1.1          
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_passwd.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_passwd.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_lang.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_lang.png HTTP/1.1           
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/input_bg.gif HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/input_bg.gif HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/s_notice.png HTTP/1.1             
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/s_notice.png HTTP/1.1         
[Sat Jul 02 15:32:18 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/b_more.png HTTP/1.1               
[Sat Jul 02 15:32:18 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/b_more.png HTTP/1.1           
[Sat Jul 02 15:32:20 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/tab_hover_bg.png HTTP/1.1         
[Sat Jul 02 15:32:20 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/tab_hover_bg.png HTTP/1.1     
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/index.php?token=74ecbcdc261cc3054d07386cb5f50997&old_usr=root HTTP/1.1                                                                                                             
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/index.php?token=74ecbcdc261cc3054d07386cb5f50997&old_usr=root HTTP/1.1                                                                                                         
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/phpmyadmin.css.php?server=1&token=0f5309abc85522bd06b7712eaf6d1619&js_frame=right&nocache=3921472497 HTTP/1.1                                                                      
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/phpmyadmin.css.php?server=1&token=0f5309abc85522bd06b7712eaf6d1619&js_frame=right&nocache=3921472497 HTTP/1.1                                                                  
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/js/messages.php?lang=en&db=&token=0f5309abc85522bd06b7712eaf6d1619 HTTP/1.1                                                                                                        
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/js/messages.php?lang=en&db=&token=0f5309abc85522bd06b7712eaf6d1619 HTTP/1.1                                                                                                    
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery-1.4.4.js?ts=1307157346 HTTP/1.1      
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery-1.4.4.js?ts=1307157346 HTTP/1.1  
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/js/jquery/jquery.qtip-1.0.0.min.js?ts=1307157346 HTTP/1.1                                                                                                                          
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/js/jquery/jquery.qtip-1.0.0.min.js?ts=1307157346 HTTP/1.1                                                                                                                      
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/js/cross_framing_protection.js?ts=1307157346 HTTP/1.1 
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/js/cross_framing_protection.js?ts=1307157346 HTTP/1.1                                                                                                                          
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/js/update-location.js?ts=1307157346 HTTP/1.1          
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/js/update-location.js?ts=1307157346 HTTP/1.1      
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/js/functions.js?ts=1307157346 HTTP/1.1                
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/js/functions.js?ts=1307157346 HTTP/1.1            
[Sat Jul 02 15:32:25 2011] [error] Optional hook test said: GET /mysql/themes/pmahomme/img/logo_right.png HTTP/1.1           
[Sat Jul 02 15:32:25 2011] [error] Optional function test said: GET /mysql/themes/pmahomme/img/logo_right.png HTTP/1.1       
[Sat Jul 02 15:32:30 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored 

2

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

Please disable 4 modules in Apache, then it should work as expected:

- optional_hook_export_module
- optional_hook_import_module
- optional_fn_import_module
- optional_fn_export_module

This was fixed in iRedMail-0.7.2, released on Jun 10.

3

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

No luck. Should sa-spamd, slapd, and slpd be running? These are in /usr/local/etc/rc.d/ but are not starting correctly.

The error are greatly reduced in httpd-error.log, but the behavior is the same (server down and internal error). Log is as follows. (Start jail... looked at .conf files then restarted apache and attempted to log in to awstats and iredadmin.)

[Sat Jul 02 18:15:22 2011] [notice] Digest: generating secret for digest authentication ...
[Sat Jul 02 18:15:22 2011] [notice] Digest: done
[Sat Jul 02 18:15:22 2011] [notice] Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8k DAV/2 mod_wsgi/2.8 Python/2.6.6 configured -- resuming normal operations
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:16 2011] [notice] SIGHUP received.  Attempting to restart
[Sat Jul 02 18:29:16 2011] [error] Exception KeyError: KeyError(34383864256,) in <module 'threading' from '/usr/local/lib/python2.6/threading.pyc'> ignored
[Sat Jul 02 18:29:17 2011] [notice] Digest: generating secret for digest authentication ...
[Sat Jul 02 18:29:17 2011] [notice] Digest: done
[Sat Jul 02 18:29:17 2011] [notice] Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8k DAV/2 mod_wsgi/2.8 Python/2.6.6 configured -- resuming normal operations

4

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

OpenLDAP service is not running. Please fix it first.

5

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

Odd behavior in slapd ....

[root@mail]/usr/local/etc/rc.d(303)# ./slapd restart
slapd not running? (check /var/run/openldap/slapd.pid).
Starting slapd.
./slapd: WARNING: failed to start slapd

Updated slapd.conf in /usr/local/etc/openldap to use the new SSL certs for the server. No change. I can ./slapd forcerestart , but the login behavior is the same with SERVER_DOWN, etc.

Is there another error log someplace I can check?

6

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

Set 'loglevel' to 256 in slapd.conf, then restart it again, check its log file (/var/log/openldap.log).

7

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

OK, did that. openldap.log is:

Jul  6 02:42:31 mail slapd[77749]: @(#) $OpenLDAP: slapd 2.4.25 (Jun  4 2011 01:17:10) $        root@mail.blah.net:/var/ports/basejail/usr/ports/net/openldap24-server/work/openldap-2.4.25/servers/slapd
Jul  6 02:42:31 mail slapd[77749]: main: TLS init def ctx failed: -1
Jul  6 02:42:31 mail slapd[77749]: slapd stopped.
Jul  6 02:42:31 mail slapd[77749]: connections_destroy: nothing to destroy.

8

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

redshirt wrote:

Jul  6 02:42:31 mail slapd[77749]: main: TLS init def ctx failed: -1

OpenLDAP can't read SSL keys, or the SSL keys are incorrect. Please check them first.

9

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

slapd.conf originally had the iRedMail keys and certs. I used the same syntax to replace these with the Comodo SSL certs. Firefox reads these same certs correctly so far (whereas refused to accept the self generated iRedMail certs).

Was there something different about the iRedMail certs in how they were generated to make them compatible with openldap?

(Maybe I should ask, does openldap need the chain bundle cert or the ca cert?)

I could restore the iRedMail certs and use them just with openldap.

10

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

I'm not familiar with Comodo SSL certs, so no idea yet.
Maybe you can find some useful information in manual page of slapd.conf.

11

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

Do you use openssl to create your iRedMail certs or certtool? One source suggested openldap is built against certtool and not openssl.

Also, I noted in the original configuration you have the _CA.pem file listed as both TLSC..File and TLSCA....File. Why is that?

# TLS files.
TLSCertificateFile /etc/ssl/certs/iRedMail_CA.pem
TLSCertificateKeyFile /etc/ssl/private/iRedMail.key
TLSCACertificateFile /etc/ssl/certs/iRedMail_CA.pem

So far no luck in googling a solution. I did find some tips that made sense. (http://www.alwina.org/?p=209)

I put the private key and cert in /usr/local/etc/openldap/private/ and did...
chown -R ldap:ldap private/
chmod 700 -R private

The certificate chain (bundle) and ca went to /usr/local/share/openldap/ and did...
chmod 755 *

I changed slapd.conf and ldap.conf to match the new locations. The author also recommended the order of chain and ca was important here:

TLSCACertificateFile /usr/share/openldap/chain.ca.pem /usr/share/openldap/ca.pem

Unfortunately, none of these changes make any difference. I get the same error. Commenting out all the TLS config lines allows slapd.conf to start no problem.

I am going to revert to the iRedMail certs and see if that works.

12

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

redshirt wrote:

Do you use openssl to create your iRedMail certs or certtool? One source suggested openldap is built against certtool and not openssl.

Yes, create with openssl.

Search 'openssl' in this file:
http://code.google.com/p/iredmail/sourc … /conf/core

13 (edited by redshirt 2011-07-08 07:53:38)

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

OK... resolved. I now have the comodo cert working with apache so the web pages are ssl encrypted and accepted by firefox, AND I have openldap working with the iRedMail certs/key. Since openldap is using a different cert/key/ca from the web server, I used the directory structure (and permissions) laid out by "alwina" (see above); and I used the TLS assignments per the original install (slapd.conf).

# TLS files.
TLSCertificateFile /usr/local/share/openldap/iRedMail_CA.pem              

TLSCertificateKeyFile /usr/local/etc/openldap/private/iRedMail.key               

TLSCACertificateFile /usr/local/share/openldap/iRedMail_CA.pem

Also change the directory in ldap.conf:

TLS_CACERT /usr/local/share/openldap/iRedMail_CA.pem

For the verifiable cert/ca/key be sure to change the similar lines in: dovecot.conf and httpd-ssl.conf.

It remains to be seen if everything is working as expected remotely from another system.

14

Re: [SOLVED] 0.7.1 errors with ssl cert; freebsd 8.2, jail

My remote test works! I do get this error when using the regular url for the server from a system other than the server: ssl_error_rx_record_too_long. But, if I use the IP address for the url everything is fine. Odd. But working enough for now.

Many thanks to Zhang!