1

Topic: untrusted source

I bought a certificate and edited the appropriate records as per instructed on the webguide, but I'm still getting an insecure connection message when logging in from external sources.



==== Required information ====
- iRedMail version (check /etc/iredmail-release):0.9.5-1
- Linux/BSD distribution name and version: Ubunutu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySql
- Web server (Apache or Nginx):Apache
- Manage mail accounts with iRedAdmin-Pro? Standard account
- Related log if you're reporting an issue:
====

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: untrusted source

Also, I'm having trouble with the SSH login...


matthew.custer wrote:

I bought a certificate and edited the appropriate records as per instructed on the webguide, but I'm still getting an insecure connection message when logging in from external sources.



==== Required information ====
- iRedMail version (check /etc/iredmail-release):0.9.5-1
- Linux/BSD distribution name and version: Ubunutu 16.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySql
- Web server (Apache or Nginx):Apache
- Manage mail accounts with iRedAdmin-Pro? Standard account
- Related log if you're reporting an issue:
====

3

Re: untrusted source

Please show error or log.

On my guess without log. You have install it wrong.

- Please check all ssl connect point. (dovecot,postfix,nginx,apache.Etc.)
- Check ssl cert part is it collect.
- If you have Load balance check it too.

4

Re: untrusted source

matthew.custer wrote:

Also, I'm having trouble with the SSH login...

SSL cert doesn't impact SSH access.

5

Re: untrusted source

Which error logs should I post?

Apache2 Error log
[Mon Jul 18 07:46:02.441448 2016] [ssl:warn] [pid 3060] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Mon Jul 18 07:46:02.441906 2016] [ssl:warn] [pid 3060] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Mon Jul 18 07:46:02.442570 2016] [mpm_prefork:notice] [pid 3060] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Mon Jul 18 07:46:02.442582 2016] [core:notice] [pid 3060] AH00094: Command line: '/usr/sbin/apache2'
[Mon Jul 18 09:03:10.070882 2016] [:error] [pid 12921] [client 104.128.144.131:42189] script '/var/www/html/redirect.php' not found or unable to stat
[Mon Jul 18 23:11:17.422998 2016] [:error] [pid 13521] [client 46.161.40.11:15991] script '/var/www/html/xmlrpc.php' not found or unable to stat, referer: https://google.com
[Mon Jul 18 23:53:18.280618 2016] [ssl:error] [pid 12920] AH02032: Hostname 206.221.159.163 provided via SNI and hostname cmt-solutions.com provided via HTTP are different
[Wed Jul 20 07:41:32.577763 2016] [core:error] [pid 21239] [client 169.229.3.91:45415] AH00135: Invalid method in request \x8e
[Thu Jul 21 10:52:14.086687 2016] [mpm_prefork:notice] [pid 3060] AH00169: caught SIGTERM, shutting down
[Thu Jul 21 10:52:15.102804 2016] [ssl:warn] [pid 27078] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Jul 21 10:52:15.103260 2016] [ssl:warn] [pid 27078] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Thu Jul 21 10:52:15.131126 2016] [ssl:warn] [pid 27080] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Jul 21 10:52:15.131558 2016] [ssl:warn] [pid 27080] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Thu Jul 21 10:52:15.134368 2016] [mpm_prefork:notice] [pid 27080] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Thu Jul 21 10:52:15.134396 2016] [core:notice] [pid 27080] AH00094: Command line: '/usr/sbin/apache2'

APACHE2 Error log 2
[Sun Jul 11 07:47:58.608055 2016] [ssl:warn] [pid 3110] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sun Jul 10 07:47:58.608495 2016] [ssl:warn] [pid 3110] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Sun Jul 10 07:47:58.609166 2016] [mpm_prefork:notice] [pid 3110] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Sun Jul 10 07:47:58.609182 2016] [core:notice] [pid 3110] AH00094: Command line: '/usr/sbin/apache2'
[Sun Jul 10 17:50:22.704089 2016] [:error] [pid 28822] [client 191.96.249.42:56074] script '/var/www/html/xmlrpc.php' not found or unable to stat
[Mon Jul 11 16:20:27.377001 2016] [ssl:error] [pid 6255] AH02032: Hostname 206.221.159.163 provided via SNI and hostname cmt-solutions.com provided via HTTP are different
[Tue Jul 12 10:17:17.676712 2016] [:error] [pid 31674] [client 91.200.12.55:54823] script '/var/www/html/wp-login.php' not found or unable to stat, referer: http://billybarooz.com/wp-login.php
[Tue Jul 12 10:17:17.838568 2016] [:error] [pid 31674] [client 91.200.12.55:54823] script '/var/www/html/wp-login.php' not found or unable to stat, referer: http://billybarooz.com/wp-login.php
[Wed Jul 13 01:40:44.503490 2016] [core:error] [pid 2483] [client 71.6.165.200:54793] AH00135: Invalid method in request quit
[Wed Jul 13 02:43:54.559468 2016] [core:error] [pid 31674] [client 169.229.3.91:52862] AH00135: Invalid method in request O\xf3\x99VoC\x10c\xbfD
[Thu Jul 14 00:06:43.684784 2016] [:error] [pid 31674] [client 37.123.97.16:60332] script '/var/www/html/index.php' not found or unable to stat
[Thu Jul 14 09:22:39.578085 2016] [:error] [pid 6254] [client 195.243.27.138:5491] script '/var/www/html/wp-login.php' not found or unable to stat
[Fri Jul 15 01:40:18.948816 2016] [:error] [pid 23865] [client 218.20.118.8:3949] script '/var/www/html/index.php' not found or unable to stat
[Fri Jul 15 01:40:24.592804 2016] [:error] [pid 28302] [client 218.20.118.8:4030] script '/var/www/html/index.php' not found or unable to stat
[Fri Jul 15 01:40:52.302771 2016] [:error] [pid 23528] [client 218.20.118.8:4566] script '/var/www/html/default.php' not found or unable to stat
[Fri Jul 15 01:40:57.791165 2016] [:error] [pid 6255] [client 218.20.118.8:4625] script '/var/www/html/default.php' not found or unable to stat
[Fri Jul 15 01:41:23.737721 2016] [:error] [pid 23857] [client 218.20.118.8:4946] script '/var/www/html/main.php' not found or unable to stat
[Fri Jul 15 01:41:29.460232 2016] [:error] [pid 2483] [client 218.20.118.8:5008] script '/var/www/html/main.php' not found or unable to stat
[Fri Jul 15 10:37:51.443266 2016] [mpm_prefork:notice] [pid 3110] AH00169: caught SIGTERM, shutting down
[Fri Jul 15 10:37:52.502602 2016] [ssl:warn] [pid 18377] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 15 10:37:52.503064 2016] [ssl:warn] [pid 18377] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jul 15 10:37:53.051327 2016] [ssl:warn] [pid 18379] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 15 10:37:53.051783 2016] [ssl:warn] [pid 18379] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jul 15 10:37:53.054748 2016] [mpm_prefork:notice] [pid 18379] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Fri Jul 15 10:37:53.054781 2016] [core:notice] [pid 18379] AH00094: Command line: '/usr/sbin/apache2'
[Fri Jul 15 10:38:25.942874 2016] [mpm_prefork:notice] [pid 18379] AH00171: Graceful restart requested, doing restart
[Fri Jul 15 10:38:26.025847 2016] [ssl:warn] [pid 18379] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 15 10:38:26.026284 2016] [ssl:warn] [pid 18379] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jul 15 10:38:26.027000 2016] [mpm_prefork:notice] [pid 18379] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Fri Jul 15 10:38:26.027014 2016] [core:notice] [pid 18379] AH00094: Command line: '/usr/sbin/apache2'
[Fri Jul 15 11:28:05.048088 2016] [mpm_prefork:notice] [pid 18379] AH00169: caught SIGTERM, shutting down
[Fri Jul 15 11:29:54.294145 2016] [ssl:warn] [pid 3058] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 15 11:29:54.327599 2016] [ssl:warn] [pid 3058] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jul 15 11:29:56.559980 2016] [ssl:warn] [pid 3060] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Fri Jul 15 11:29:56.560403 2016] [ssl:warn] [pid 3060] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jul 15 11:29:56.642060 2016] [mpm_prefork:notice] [pid 3060] AH00163: Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Fri Jul 15 11:29:56.642084 2016] [core:notice] [pid 3060] AH00094: Command line: '/usr/sbin/apache2'
[Fri Jul 15 14:40:56.098871 2016] [:error] [pid 3091] [client 178.74.245.193:55471] script '/var/www/html/admin.php' not found or unable to stat
[Fri Jul 15 14:40:56.670561 2016] [:error] [pid 3088] [client 178.74.245.193:55499] script '/var/www/html/wp-login.php' not found or unable to stat
[Sat Jul 16 22:34:22.529109 2016] [:error] [pid 3091] [client 192.185.82.128:50444] script '/var/www/html/1.php' not found or unable to stat
[Sat Jul 16 22:34:22.596186 2016] [:error] [pid 5761] [client 192.185.82.128:50447] script '/var/www/html/abc.php' not found or unable to stat
[Sat Jul 16 22:34:22.663062 2016] [:error] [pid 23930] [client 192.185.82.128:50450] script '/var/www/html/bookmark.php' not found or unable to stat
[Sat Jul 16 22:34:22.730627 2016] [:error] [pid 7099] [client 192.185.82.128:50452] script '/var/www/html/CHANGELOG.php' not found or unable to stat
[Sat Jul 16 22:34:22.797726 2016] [:error] [pid 3091] [client 192.185.82.128:50457] script '/var/www/html/configbak.php' not found or unable to stat
[Sat Jul 16 22:34:22.864228 2016] [:error] [pid 5761] [client 192.185.82.128:50459] script '/var/www/html/configbak.php' not found or unable to stat
[Sat Jul 16 22:34:22.931108 2016] [:error] [pid 7099] [client 192.185.82.128:50463] script '/var/www/html/.config.php' not found or unable to stat
[Sat Jul 16 22:34:22.997230 2016] [:error] [pid 23930] [client 192.185.82.128:50467] script '/var/www/html/configuration.php' not found or unable to stat
[Sat Jul 16 22:34:23.064045 2016] [:error] [pid 3091] [client 192.185.82.128:50469] script '/var/www/html/configuration.php' not found or unable to stat
[Sat Jul 16 22:34:23.133669 2016] [:error] [pid 7099] [client 192.185.82.128:50471] script '/var/www/html/conns.php' not found or unable to stat
[Sat Jul 16 22:34:23.206220 2016] [:error] [pid 5761] [client 192.185.82.128:50476] script '/var/www/html/conns.php' not found or unable to stat
[Sat Jul 16 22:34:23.272965 2016] [:error] [pid 23930] [client 192.185.82.128:50482] script '/var/www/html/.cpanel_config.php' not found or unable to stat
[Sat Jul 16 22:34:23.340202 2016] [:error] [pid 3091] [client 192.185.82.128:50492] script '/var/www/html/cron.php' not found or unable to stat
[Sat Jul 16 22:34:23.411155 2016] [:error] [pid 5761] [client 192.185.82.128:50499] script '/var/www/html/css.php' not found or unable to stat
[Sat Jul 16 22:34:23.478770 2016] [:error] [pid 23930] [client 192.185.82.128:50501] script '/var/www/html/elements.php' not found or unable to stat
[Sat Jul 16 22:34:23.548345 2016] [:error] [pid 7099] [client 192.185.82.128:50502] script '/var/www/html/extracts.php' not found or unable to stat
[Sat Jul 16 22:34:23.619916 2016] [:error] [pid 3091] [client 192.185.82.128:50506] script '/var/www/html/gemb.php' not found or unable to stat
[Sat Jul 16 22:34:23.688154 2016] [:error] [pid 23930] [client 192.185.82.128:50509] script '/var/www/html/home.bak.php' not found or unable to stat
[Sat Jul 16 22:34:23.755638 2016] [:error] [pid 5761] [client 192.185.82.128:50512] script '/var/www/html/include.php' not found or unable to stat
[Sat Jul 16 22:34:23.829671 2016] [:error] [pid 7099] [client 192.185.82.128:50517] script '/var/www/html/index2.php' not found or unable to stat
[Sat Jul 16 22:34:23.903316 2016] [:error] [pid 3091] [client 192.185.82.128:50521] script '/var/www/html/index.php' not found or unable to stat
[Sat Jul 16 22:34:23.978325 2016] [:error] [pid 5761] [client 192.185.82.128:50526] script '/var/www/html/index.php' not found or unable to stat
[Sat Jul 16 22:34:24.045192 2016] [:error] [pid 23930] [client 192.185.82.128:50531] script '/var/www/html/index.php' not found or unable to stat
[Sat Jul 16 22:34:24.112313 2016] [:error] [pid 7099] [client 192.185.82.128:50533] script '/var/www/html/.joomla.system.php' not found or unable to stat
[Sat Jul 16 22:34:24.180050 2016] [:error] [pid 5761] [client 192.185.82.128:50538] script '/var/www/html/license2016.php' not found or unable to stat
[Sat Jul 16 22:34:24.247286 2016] [:error] [pid 3091] [client 192.185.82.128:50543] script '/var/www/html/license.php' not found or unable to stat
[Sat Jul 16 22:34:24.314777 2016] [:error] [pid 23930] [client 192.185.82.128:50545] script '/var/www/html/lic.php' not found or unable to stat
[Sat Jul 16 22:34:24.382266 2016] [:error] [pid 7099] [client 192.185.82.128:50550] script '/var/www/html/load-config.php' not found or unable to stat
[Sat Jul 16 22:34:24.449504 2016] [:error] [pid 3091] [client 192.185.82.128:50554] script '/var/www/html/locoy.php' not found or unable to stat
[Sat Jul 16 22:34:24.516912 2016] [:error] [pid 5761] [client 192.185.82.128:50556] script '/var/www/html/mko.php' not found or unable to stat
[Sat Jul 16 22:34:24.583603 2016] [:error] [pid 23930] [client 192.185.82.128:50561] script '/var/www/html/modx.php' not found or unable to stat
[Sat Jul 16 22:34:24.657922 2016] [:error] [pid 7099] [client 192.185.82.128:50563] script '/var/www/html/mysql.php' not found or unable to stat
[Sat Jul 16 22:34:24.726985 2016] [:error] [pid 3091] [client 192.185.82.128:50565] script '/var/www/html/nicesite.php' not found or unable to stat
[Sat Jul 16 22:34:24.795927 2016] [:error] [pid 5761] [client 192.185.82.128:50569] script '/var/www/html/ods.php' not found or unable to stat
[Sat Jul 16 22:34:24.862374 2016] [:error] [pid 23930] [client 192.185.82.128:50575] script '/var/www/html/plugin.php' not found or unable to stat
[Sat Jul 16 22:34:24.931316 2016] [:error] [pid 7099] [client 192.185.82.128:50578] script '/var/www/html/popup-pomo.php' not found or unable to stat
[Sat Jul 16 22:34:24.997903 2016] [:error] [pid 5312] [client 192.185.82.128:50580] script '/var/www/html/post.php' not found or unable to stat
[Sat Jul 16 22:34:25.065709 2016] [:error] [pid 3091] [client 192.185.82.128:50583] script '/var/www/html/rssd.php' not found or unable to stat
[Sat Jul 16 22:34:25.132440 2016] [:error] [pid 5761] [client 192.185.82.128:50586] script '/var/www/html/sample.php' not found or unable to stat
[Sat Jul 16 22:34:25.201637 2016] [:error] [pid 23930] [client 192.185.82.128:50594] script '/var/www/html/security.php' not found or unable to stat
[Sat Jul 16 22:34:25.268690 2016] [:error] [pid 7099] [client 192.185.82.128:50599] script '/var/www/html/shell.php' not found or unable to stat
[Sat Jul 16 22:34:25.341802 2016] [:error] [pid 5761] [client 192.185.82.128:50609] script '/var/www/html/showthread.php' not found or unable to stat
[Sat Jul 16 22:34:25.408868 2016] [:error] [pid 23930] [client 192.185.82.128:50612] script '/var/www/html/slic.php' not found or unable to stat
[Sat Jul 16 22:34:25.475364 2016] [:error] [pid 7099] [client 192.185.82.128:50615] script '/var/www/html/sql.php' not found or unable to stat
[Sat Jul 16 22:34:25.547938 2016] [:error] [pid 5761] [client 192.185.82.128:50620] script '/var/www/html/stats.php' not found or unable to stat
[Sat Jul 16 22:34:25.615136 2016] [:error] [pid 23930] [client 192.185.82.128:50626] script '/var/www/html/stats.php' not found or unable to stat
[Sat Jul 16 22:34:25.681672 2016] [:error] [pid 7099] [client 192.185.82.128:50632] script '/var/www/html/sw.php' not found or unable to stat
                                                                                                                                                                                                                                                                                                1,11          Top




jackavin wrote:

Please show error or log.

On my guess without log. You have install it wrong.

- Please check all ssl connect point. (dovecot,postfix,nginx,apache.Etc.)
- Check ssl cert part is it collect.
- If you have Load balance check it too.

6

Re: untrusted source

matthew.custer wrote:

[Sun Jul 10 07:47:58.608495 2016] [ssl:warn] [pid 3110] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)

What's the domain name you used to request ssl cert? it doesn't match the domain name in URL (https://<domain>/).