Hi,
unfortunately suddenly my web ui failed to show. I get a cert error from a certificate I don’t own (s2.youtube-leren.tk) and when I accept that, I get either a “bad request” or a 404 on both roundcube or admin interface.
SMTP an IMAP are working, but the websites are broken.
I reinstalled due to maintenance guide but the problem remains!
Does someone have an idea?
Thanks in advance,
Solo
No! No admin interface and no roundcube interface… seems to be something with the cert. It used to work for months and suddenly stopped working today. I’m desperate…
If there’s an issue with the certificates, you can try to renew them with the command line. Issue the following command from your mailinabox source folder:
sudo management/ssl_certificates.py
Also of interest might be the status output:
sudo management/status_checks.py
sudo management/ssl_certificates.py → All certs are okay (cert expires in 26 days)
sudo management/status_checks.py → All checks okay, all certs valid.
Still, when I try to access https://1.2.3.4/admin I get a cert warning with the cert of s2.youtube-lger.tk. When I accept the cert, I get a 404 or a “Bad request”… so strange…
Wow. When I use the IP Adress instead of the domain, it seems to work. So there might be something wrong with the DNS?
The DNS record is correct with my hosting service.
nslookup my.domain.de shows the correct answer. So why is https://my.IP/mail working, but https://my.domain.de/mail not?
The status checks should also point out issues with DNS, as you said those were ok, that should not be a problem.
I’m not sure what’s happening here. If you like I can take a closer look if you send me the domain and IP via private message (or post it here if you don’t mind everyone seeing 
) No promises that I can solve it though.
Done… I sent you my domain via private message!
Really weird, I also get a certificate signed for s2.youtube-leren.tk when I access your site.
I’m myself now getting unto unknown territory so before I proceed:
- Anyone else who has bright ideas is welcome to chip in
- Did you (cptsolo) modify anything from the default installation on the box?
What I did find was that the s2.youtube-leren.tk site is hosted by the same VPS provider as yours. (but different ip address)
Can you look at the output of:
openssl x509 -in /home/user-data/ssl/ssl_certificate.pem -text
Notably for which domain that certificate should be used? Also, that pem file is a symlink in my installation. Where does it point to in your case?
The domain seems to be correctly my domain. The cert is a symlink in my install as well. It points to the latest cert in that same directory.
I did not modify anything from the default installation. Maybe nginx uses a different cert? In ssl.conf of n/etc/nginx/conf.d/ssl.conf it uses a different one (dh2048.pem). But it seems to be broken… When I use your openssl command, I get an error message (unable to load certificate). Something is fishy, here…
In etc/nginx/conf.d/ the correct cert is configured:
ssl_certificate /home/user-data/ssl/ssl_certificate.pem;
ssl_certificate_key /home/user-data/ssl/ssl_private_key.pem;
What strikes me is that I have not changed anything! It stopped working suddenly. May be certbot did go weird?
I think this was a wrong thought of mine. See your direct messages for my next trick
Solved!!! After removing the AAAA records everything works again! Still strange, since I did not change anything beforehand!
Thank you very much, KiekerJan!!! I owe you big time!
Regards,
Solo
For the record: the AAAA record did not point to the mail in a box, but somewhere else: the s2.youtube-leren.tk server.
This topic was automatically closed 40 days after the last reply. New replies are no longer allowed.