Plesk 12.x / Linux :: Courier SSL Shared Cipher Error

Aug 8, 2014

Yesterday we upgraded two of our servers to the latest Plesk 12.

The 1st server is an CentOS/CLoudlinux 6.x server and the 2nd an CentOS 5.x server.

Both of them were running Plesk 11.5 before the upgrade.

After the upgrade, we have the same issue in both servers which is that the START/TLS, SSL protocols at Courier imaps or pop3s do not work, and mail clients (outlook, thunderbird) return that the password is wrong when they connect over a secure connection.

In both of them, at the /var/log/maillog, we are getting the same messages, as the following one:

--------------------------------------------------------------------------
courier-imaps: couriertls: connect: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
--------------------------------------------------------------------------

As the issue is in both server, we believe thath it there is a bug in the new version or the update script.

We have already checked all configurations which seem ok, tried to... reboot the machines, mailchk repair, but nothing seems to work. 

View 1 Replies


ADVERTISEMENT

Plesk 12.x / Linux :: SSL Cipher Strength RC4?

Jan 5, 2015

Recently i have upgraded my system to Plesk 12 and im loving it. After upgrading i started checking and fixing all my SSL shortcommings. I think i've come from a far end upgrading it.

One of the fixes was the poodle fix, wich recommended to upgrade cipher suites. When analysing my cipher suites at ssllabs testing suite i get the following errors:

TLS_RSA_WITH_RC4_128_MD5 (0x4) WEAK128
TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK128
TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) WEAK128
RC4Yes WEAK

​I cannot find a way to remove the weak RC4 protocol and the other three weaknesses.

View 3 Replies View Related

Plesk 12.x / Linux :: Timeout On Courier-pop3d

Jul 14, 2015

I have a problem with an account. The client connects and starts getting his mails, like this:

Jul 14 07:39:04 host courier-pop3d: LOGIN, user=*****@*****.com, ip=[::ffff:*.*.*.152], port=[*]Click to expand...

View 2 Replies View Related

Plesk 12.x / Linux :: Courier Mail Service Do Not Respond

Feb 2, 2015

I'm using plesk with CentOS 6.6

After setting up some e-mail accounts over the plesk gui I tried to connect via a mail software (like thunderbird).

This failed with every combination of settings I tried. So I checked if the POP3/IMAP services are running correctly using telnet.

I connected using the following command:

Code:
telnet <host-ip> 110

The response was:

Code:
Trying <host-IP>...
Connected to <host-IP>.
Escape character is '^]'.
-ERR Cannot connect to POP server <host-IP> (<host-IP>:110), NB connect error 1460
Connection closed by foreign host.

Did I miss to enable a setting?

The Plesk gui schows me, that the corresponding services are running...

View 2 Replies View Related

Plesk 12.x / Linux :: Unable To Disable SSL V2 And V3 In Postfix And Courier

Dec 13, 2014

I am trying to secure my VPS and one thing noted in a recent scan was SSL v2 and v3 being supported for SMTP, POP3 and IMAP. So a check of ‘Disabling SSLv3 Support on Servers’ and the Postfix configuration settings suggest:

smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5
# Preferred syntax with Postfix = 2.5:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3​

This actually goes further than disabling SSLv2 and v3 and also excludes the use of NULL and MD5 ciphers.

The Postfix conf file, main.cf exists in two places on my VPS:

# find / -name main.cf
/usr/libexec/postfix/main.cf
/etc/postfix/main.cf​

Examining both only the copy in /etc/postfix/ is configured and at the end of this file I can find all the Plesk settings, including some RBLs I’ve defined via the UI. Hence I know this is the working config as of the two, it’s the only one actually configured. Hence I add the required commands to the config:

...
smtpd_tls_key_file = $smtpd_tls_cert_file
smtpd_tls_security_level = may
smtpd_use_tls = yes
smtp_tls_security_level = may

[Code] ....

I then go to the Plesk Tools & Settings > Services Management and restart:

SMTP Server (Postfix)
And for good measure:

Plesk milter (Postfix)

I then test whether SSLv2 is enabled:

# openssl s_client -connect x.x.x.x:25 -starttls smtp -ssl2​

Now what I should get back is an error as the attempt to connect with SSLv2 should fail as it's an excluded protocol, but instead what I get back is the Plesk cert and a connection:

# openssl s_client -connect x.x.x.x:25 -starttls smtp -ssl2
CONNECTED(00000003)
depth=0 C = US, ST = Virginia, L = Herndon, O = Parallels, OU = Parallels Panel, CN = Parallels Panel, emailAddress = info@parallels.com
verify error:num=18:self signed certificate
...​

Why? What do I need to do to have Postfix use the updated config and refuse an SSL2 connection?

I seem to have the same issue with Courier having made similar changes to the /etc/courier-imap/pop3d-ssl file:

# Iain 2014-12-12
# TLS_CIPHER_LIST="SSLv3:TLSv1:HIGH:!LOW:!MEDIUM:!EXP:!NULL:!aNULL@STRENGTH"
TLS_CIPHER_LIST="TLSv1:HIGH:MEDIUM:!LOW:!EXP:!NULL:!aNULL@STRENGTH"​

And /etc/courier-imap/imapd-ssl file:

# Iain 2014-12-12
# TLS_PROTOCOL=SSL23
TLS_PROTOCOL=TLS1​

actually, this should probably read:

# Iain 2014-12-12
# TLS_PROTOCOL=SSL23
TLS_PROTOCOL=TLS1, TLS1.1, TLD1.2​

Why am I unable to disable SSL v2 and v3 for SMTP/POP3/IMAP with Postfix and Courier?

View 15 Replies View Related

Plesk 12.x / Linux :: Courier IMAP And Auto Deleting Trash After 7 Days

Feb 20, 2015

I'm trying to find Courier IMAP config: /etc/courier/imapd

Because i would like to edit the parameters for the trash folder (see qoute and link below)

The file on my server is not there. I did some grep and locate commands and was unable to find it.

##NAME: IMAP_EMPTYTRASH:0
#
# The following setting is optional, and causes messages from the given
# folder to be automatically deleted after the given number of days.
# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default
# setting, below, purges 7 day old messages from the Trash folder.
# Another useful setting would be:
#
# IMAP_EMPTYTRASH=Trash:7,Sent:30

[Code] ....

View 1 Replies View Related

Plesk 11.x / Linux :: 11.5.30 Repository Error - Transport Error - Unable To List Directory - Curl Error

Jun 29, 2013

After upgrade to Plesk 11.5.30 trying to set up FTP-Backup Repository:

Repository error: Transport error: unable to list directory: Curl error: Access denied to remote resourceClick to expand...

View 7 Replies View Related

Plesk 12.x / Linux :: Shared IP Not Working

Nov 4, 2014

I have set up a CentoS 6 & Plesk 12.0.18 server as master and a reseller. I enabled the shared IP under IP address in the tools section.

I then added a customer and domain. then I added reseller with domain and 2 customers with domain under that. I changed the nameservers at registrar to the IP of the new server. When I use the control panel and under each domain I use the PREVIEW and each domain shows the index.html file I uploaded. When I choose OPEN it opens a new window to the domains address and I get webpage not found. And yes it has been almost 36 hours since the registrar change in case you are wondering.

Is there a setting I am missing or is the server set up wrong? Why wont it show the webpages as it does in the previews?

View 7 Replies View Related

Plesk 11.x / Linux :: SSL For Single Domain On Shared IP?

Aug 11, 2014

Plesk Panel 11.5.30, on Centos 5.10. I have 2 'domains' running on the same ip; sub.mysite.com and mysite.com. I need to add SSL to sub.mysite.com.

From the documentation, [URL] ...., it appears that if the user is using a SNI compatible browser a single SSL certificate for sub.mysite.com should work (as I am using a linux server, SNI is enabled by default I believe).

However, the control panel for the domain (website & domains > hosting settings) states that "To employ SSL, move this site to a dedicated IP address, install an SSL certificate on the site, and then select it below." In addition, other documentation makes reference to a "Secure your sites" link on the control panel to implement a purchased SSL certificate, which is not visible to me - I presume because the domain is not on a dedicated ip address.

Can someone confirm that;
a) a SSL certificate for sub.mysite.com on a shared ip will work.
b) that the SSL for sub.mysite.com would managed at the server level (Server Management > Tools & Settings > SSL Certificates) rather than the domain's control panel.

One alternative may be to purchase a wildcard SSL certificate (*.mysite.com). This post [URL] .... suggests that this would work. However, this is a more costly option and does more that I need (i.e. delivers SSL for all domains).

I could also purchase a dedicated ip address for sub.mysite.com. I have no experience of moving domains within plesk from a shared ip to a dedicated ip. Is this a straightforward process?

View 1 Replies View Related

Cipher To Use For OpenVPN Encryption?

Jul 15, 2008

Can anyone who is a security expert recommend the most secure option for choosing what type of "cipher" to use with our OpenVPN setup?

(I bolded the one I think might be best? Let me know what you think. We are currently using "BF-CBC", but I want to be sure it's not breakable...) ...

View 4 Replies View Related

Weak Cipher Vulnerability On Apache Web Server

Apr 10, 2013

We are currently running ColdFusion 9 on an Apache server. After running a Webinspect scan for one of our web applications, a weak cipher vulnerability was flagged as critical. Their recommended change to the httpd.conf file is listed below. We made the change and restarted our server but the same vulnerability came up again. How to eliminate the weak cipher vulnerability?

SSLCipherSuite ALL:!aNull:!ADH:!eNull:!LOW:!EXP:!NULL:RC4+RSA:+HIGH:+MEDIUM 

View 3 Replies View Related

Plesk 12.x / Linux :: SSL Error During Key Update

Oct 6, 2014

Whenever I try to update the Plesk key via webinterface I receive the following error:

Unable to connect to license server [URL] ....

cURL error description: Problem with the SSL CA cert (path? access rights?)(77)

Checking via command line shows that the SSL certificate of ka.parallels.com on port 5224 is expired in 2004 (!)

As it worked until today, why the SSL cert check fails now?

View 9 Replies View Related

Plesk 12.x / Linux :: Error Backup FTP

Jun 22, 2014

I upgraded Plesk 11.5 to the latest version 12.0.08 # 5 and now I can not configure the external FTP backup I get the error:Transport error: unable to list directory: Curl error: Timeout was reached. Also failing the backup shows this error: Unable to rotate dump: The dump rotation is failed with code '126 'at / opt / psa / admin / bin / plesk_agent_manager line 1041.

And this one:Can not upload file 'domains/domain.tld/backup_domain.tld_info_1406210716.xml' to ftp. Error code: 1..my SO Debian 6.0.8

View 19 Replies View Related

Plesk 12.x / Linux :: Error After Add Subscription

Jul 21, 2014

I have plesk 12.0.18 Update #9 Fresh installation. When i'm done with adding an subscription i get this error:

New configuration files for the Apache web server were not created due to the errors in configuration templates:

Template processing failed: file = /usr/local/psa/admin/conf/templates/default/domainVhost.php, error = Template_Exception: No data. file: /usr/local/psa/admin/plib/Template/Processor.php line: 28 code: 0 Previous error: Template_Variable_Exception: No data. file: /usr/local/psa/admin/plib/Template/Variable/AbstractCachedData.php line: 67 code: 0. Detailed error descriptions were sent to you by email. Please resolve the issues and click here to generate broken configuration files once again or here to generate all configuration files. See the details in Configuration Troubleshooter

View 5 Replies View Related

Plesk 12.x / Linux :: Error Log Not Rotating?

Feb 19, 2015

just had a server /var full because of an error_log that was 4GB in size. First entries were from 28th of august last year.

Log rotation is configured on the webspace and access.log is rotating. It's set to rotate every 10240kiB.

Since the difference between 10MiB and >4GiB is quite large and there being a lot of errors on 28th august already it should have been rotated way sooner. Even if cron only runs the job once a day.

Host OS is Ubuntu 12.04.5 in case it matter.

View 4 Replies View Related

Plesk 12.x / Linux :: Slave DNS Error

May 16, 2015

I am using the Slave DNS manager and I'm getting the following error in /var/log/messages on the slave server when the master/plesk tries to send change notifications.received notify for zone 'example.com': not authoritative

The domain is pointing to ns1.mydomain.com and ns2.mydomain.com, the domains zone on the master has both of these as NS records. And the SOA record lists ns1.mydomain.com as the primary authoritative nameserver.The zone has not been set on the slave server, what would be the cause here?

Slaves named.conf
bbb.bbb.bb.bbb = Slave IP
aaa.aa.aa.aaa = Master/Plesk

Code:

options {
listen-on port 53 { 127.0.0.1; bbb.bbb.bb.bbb; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
zone-statistics yes;

[code]....

View 2 Replies View Related

Plesk 12.x / Linux :: FTP Backups Error

Sep 22, 2014

Since upgrading to v12* I have had issues backing up to my FTP repo, the errors are limited but how to come over it?I have searched and checked all common issues, space on drive, space on destination etc.

Errors I receive are:

[root@web01 backup-2014-09-22-08-32-24-354]# tail -f backup.log
[2014-09-22 10:09:52.790|24801] INFO: Transport: Init credentials for user ''
[2014-09-22 10:09:52.790|24801] INFO: Repository '/home2/backups/': Initialized
[2014-09-22 10:09:52.803|24801] INFO: Repository 'ftp://XXX//XXX/XXX/': Initializing...
[2014-09-22 10:09:52.803|24801] INFO: Transport: Get repository transport ftp://XXX//XXX/XXX/
[2014-09-22 10:09:52.803|24801] INFO: Transport: Init credentials for user 'XXX'
[2014-09-22 10:09:52.820|24801] INFO: Repository 'ftp://XXX//XXX/XXX/': Initialized
[2014-09-22 10:09:52.840|24801] INFO: pmm-ras finished. Exit code: 1
[10918]: 2014-09-22 09:09:52 ERROR 25eebacd-8f15-492d-8297-27d25ecb68b8 Can't upload file 'backup_info_1409220832.xml' to ftp. Error code: 1
[10918]: 2014-09-22 09:09:52 DEBUG Uploader output: Error: basic_string::_S_construct NULL not valid

No matter what I try this fails, I have a v11* still backing up without issues to the same FTP.

View 1 Replies View Related

Plesk 12.x / Linux :: Gmail Error - 454 4.7.0 TLS Not Available

Jul 13, 2014

Started testing my install of PP12 and found I cannot receive email from gmail.

There error is "454 4.7.0 TLS not available due to local problem"

This is a brand new install of PP ( Centos Linux ) via the AWS Marketplace EC2 instance ( offered by Parallels ).

View 4 Replies View Related

Plesk 12.x / Linux :: Crontabmng Error After Migration

Feb 24, 2015

We successfully migrated web and email from a Plesk 9.3 system to the new Plesk 12.0 system. Afterwards i try to install new extensions and / or try to delete existing extensions and receive the following error:

Die Erweiterung Webserver Configurations Troubleshooter kann nicht entfernt werden: crontabmng failed: /usr/bin/crontab execution failed: "crontabViWP46":11: bad command errors in crontab file, can't install. System error: crontab execution error

Means that i am not able to delete the extension "Webserver Configurations Troubleshooter". But the extension is delete (but not completelly - only a checkbox is shown without entry).

Is something comes with a config of the old server? All works proper until migration.

View 3 Replies View Related

Plesk 11.x / Linux :: Error Installation Joomla App

May 27, 2014

I get this error by installing joomla attached...

View 2 Replies View Related

Plesk 12.x / Linux :: Backup Restore Error

Nov 16, 2014

i have make a full Plesk Backup on my Old Server with Plesk 12.0(Ubuntu) and will restore the Backup on my new Server with Plesk 12.0(CentOS).When i will restore the backup i get this error: "Error: The source file is not a valid XML file. If you supplied an archive file containing a backup from Plesk version 9 or later, then extract the contents of this archive, and process the extracted XML file with the converter. If you want to convert a backup file from a Plesk version earlier than 9, then you first need to process it with the pre9-backup-convert utility, and then process the resulting file with the pre10-backup-convert utility."

In the Logs i found this:

deployer.log - [URL] ...
import.log - [URL] ...
pmmcli.log - [URL] ...

View 4 Replies View Related

Plesk 12.x / Linux :: Unlock And Sync Error

Nov 17, 2014

When I try to unlock a subscription I get the following error message. The fact is that I have not customized any time any parameter of this subscription, but has blocked me.ERROR: Call to a member function isDefault() on a non-object (Domain.php:966)

View 6 Replies View Related

Plesk 11.x / Linux :: Cannot Logon - Web Page Not Available Error

Jun 29, 2015

I tried access my plesk box via http://ipaddress:8443 but am met with an web page not available error. I checked my disk df -h and found

/dev/mapper/VolGroup00-LogVol00 Use% is at 100%. What can I clear out to get it up and running again?

View 4 Replies View Related

Plesk 12.x / Linux :: Error On Enabling Nginx

May 20, 2015

I wanted to activate nginx on my server als describes on [URL] ...

Installing was no problem, but when i try to enable nginx, I always get errors:

/usr/local/psa/admin/sbin/nginxmng -e
[2015-05-20 10:42:36] ERR [util_exec] proc_close() failed
Error occured while sending feedback. HTTP code returned: 502
[2015-05-20 10:42:37] ERR [util_exec] proc_close() failed

[Code] ....

View 7 Replies View Related

Plesk 12.x / Linux :: ERROR IP Nginx After UPDATE

Mar 18, 2015

how is it possible that after an update my main site is down? This site: www.orderhosting.it has plesk Panel and I have 20 sites. They work perfectly but my main site is off. I think there is an error in the configuration because:

[root@orderhosting ~]# grep -r 199.99.36.73 /etc/nginx/
[root@orderhosting ~]#

This is strange.Error log does not report any errors, only this: [warn] RSA server certificate CommonName (CN) `Parallels Panel' does NOT match server name!?

View 7 Replies View Related

Plesk 12.x / Linux :: Wordpress Install Error?

Mar 10, 2015

HTTP Error (404)

[URL] ....

This is the error I get when trying to install wordpress

View 10 Replies View Related

Plesk 12.x / Linux :: Error While Recreating Template

Sep 3, 2014

I disabled the reverse proxy and i got following error:

Code:
Fehler: Aufgrund von Fehlern in den Konfigurations-Templates konnten keine neuen Konfigurationsdateien für den Apache Webserver erstellt werden: Template processing failed: file = /opt/psa/admin/conf/templates/default/server.php, error = Template_Exception: syntax error, unexpected '=>' (T_DOUBLE_ARROW)
file: /opt/psa/admin/plib/Template/Processor.php

[Code] ....

Now I got the problem that i can't create the /etc/apache2/plesk.conf.d/server.conf

View 1 Replies View Related

Plesk 12.x / Linux :: Httpdmng Reconfigure Error

Feb 9, 2015

After upgrading my vps (running CentOS 5.10) to Plesk Panel 12 all the websites hosted we're showing the Plesk default page. So I ran the httpdmng to reconfigure all the sites and I got this error back:

~]# /usr/local/psa/admin/bin/httpdmng --reconfigure-all

Execution failed.
Command: httpdmng
Arguments: Array
(
[0] => --reconfigure-domains
[1] => domain1.tld,domain2.tld,domain3.tld
)
Details: Empty error message from utility.

I already restarted all the services, rebooted the server and followed this kb article: [URL]

Unfortunately no success.

View 1 Replies View Related

Plesk 12.x / Linux :: Error When Creating Domains?

May 15, 2015

since yesterday I'm receiving this errors on some website: see attachment

View 2 Replies View Related

Plesk 12.x / Linux :: Error When Creating New Subscription

Jun 18, 2015

We get this same error on every subscription we create. It doesn't seem to affect anything but it's more of an annoyance than anything. It did it on plesk 11.5 and now with plesk 12.

[2015-06-18 08:35:13] ERR [util_exec] proc_close() failed
PHP Fatal error: Uncaught exception 'PleskUtilException' with message 'glmng failed: ' in /usr/local/psa/admin/plib/Service/Agent.php:243
Stack trace:

[Code] .....

View 7 Replies View Related

Plesk 11.x / Linux :: Error When Install Horde With 11.5.30?

May 11, 2014

I'm facing a problems with my plesk 11.5.30 (latest update with CentOS 6.x).

One subscription can't switch between horde and round-cube. When they change to round-cube, it's still running Horde. To solve this problems, I tried remove Horde (everything's fine, successful) and install it again (error).

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved