[Solved] Command 'sudo mailinabox' fails

I installed the MIAB package on a clean Ubuntu server (14.04 LTS) and finally got my reverse dns working from the site hosting company. My DNS records are with the URL registrar, but everything was working.

I tried to use the “Provision” button in the admin page to get a SSL certificate installed but got the same error that a lot of folks were getting. AFter much reading I found the instruction to just ssh back into the host and run “sudo mailinabox” and accept the prompt for the TOS Lets Encrypt configuration.

When I ran the sudo mailinabox command, I never saw anything for the TOS and instead got a different failure. See trace below:
(the actual domain and user id have been sanitized for this view)

myemail@myemaildomain:~$ sudo mailinabox

┌────────────────────────Mail-in-a-Box Installation──────────────────────────┐
│ Hello and thanks for deploying a Mail-in-a-Box! │
│ │
│ I’m going to ask you a few questions. │
│ │
│ To change your answers later, just run ‘sudo mailinabox’ from the command │
│ line. │
│ │
│ NOTE: You should only install this on a brand new Ubuntu installation 100% │
│ dedicated to Mail-in-a-Box. Mail-in-a-Box will, for example, remove │
│ apache2. │
│ │
├────────────────────────────────────────────────────────────────────────────┤
│ < OK > │
└────────────────────────────────────────────────────────────────────────────┘

┌─────────────────────────────────Hostname───────────────────────────────────┐
│ This box needs a name, called a ‘hostname’. The name will form a part of │
│ the box’s web address. │
│ │
│ We recommend that the name be a subdomain of the domain in your email │
│ address, so we’re suggesting myemaildomain.net. │
│ │
│ You can change it, but we recommend you don’t. │
│ │
│ Hostname: │
│ ┌────────────────────────────────────────────────────────────────────────┐ │
│myemaildomain.net │ │
│ └────────────────────────────────────────────────────────────────────────┘ │
├────────────────────────────────────────────────────────────────────────────┤
│ < OK > │
└────────────────────────────────────────────────────────────────────────────┘

Primary Hostname: myemaildomain.net
Public IP Address: 19x.xxx.xxx.xx6
Private IPv6 Address: ::1
Mail-in-a-Box Version: v0.28

Updating system packages…
Installing system packages…
Initializing system random number generator…
Firewall is active and enabled on system startup
Installing nsd (DNS server)…
Installing Postfix (SMTP server)…
Installing Dovecot (IMAP server)…
Installing OpenDKIM/OpenDMARC…
Installing SpamAssassin…
Installing Nginx (web server)…
Installing Roundcube (webmail)…
Installing Nextcloud (contacts/calendar)…
Nextcloud is already latest version
Installing Z-Push (Exchange/ActiveSync server)…
Installing Mail-in-a-Box system management daemon…

FAILED: wget -O /usr/local/lib/mailinabox/vendor/assets/jquery.min.js https://code.jquery.com/jquery-2.1.4.min.js

–2018-08-24 12:20:03-- https://code.jquery.com/jquery-2.1.4.min.js
Resolving code.jquery.com (code.jquery.com)… 205.185.208.52
Connecting to code.jquery.com (code.jquery.com)|205.185.208.52|:443… connected.
Unable to establish SSL connection.

myemail@myemaildomain:~$

.
.
I am not sure what to do at this point. Can someone point me to a resource for figuring this out?

Thank you in advance.

BKM

Well, just to make sure I had tried everything…

I rebooted the server and tried again.The error is still pretty much the same, although maybe just a little further along. It seems that maybe the source location for some of the stuff to be installed is not working?

Anyway, here is the tail end of the trace again where the failure occurred the second time:

Installing Z-Push (Exchange/ActiveSync server)…
Installing Mail-in-a-Box system management daemon…

FAILED: wget -O /usr/local/lib/mailinabox/vendor/assets/jquery.min.js https://code.jquery.com/jquery-2.1.4.min.js

–2018-08-24 13:26:54-- https://code.jquery.com/jquery-2.1.4.min.js
Resolving code.jquery.com (code.jquery.com)… 205.185.208.52
Connecting to code.jquery.com (code.jquery.com)|205.185.208.52|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 84345 (82K) [application/javascript]
Saving to: ‘/usr/local/lib/mailinabox/vendor/assets/jquery.min.js’

 0K .......... ......                                      19% 28.3M=0.001s

2018-08-24 13:30:12 (28.3 MB/s) - Read error at byte 16384/84345 (Connection reset by peer). -----------------------------------------
myemail@myemaildomain:~$

.
.
Does anyone have an idea about how to get past this?

Thank you.

BKM

This looks to be an issue with SSL on your server. Are you on VPS?

Yes. I do run this on a VPS server.

What should I be looking at?

There is no SSL yet. I was trying to set that up when I tripped over all of this.

BKM

This all started when I tried to use the “Provision” button on the admin page to set up the Lets Encrypt SSL cert. There had not been one on the server up to that point. It was the last thing I was going to configure after I had made sure the server was working.

Not sure what might be missing on my server that would have cause the SSL error. I scp a backup file from another server to this one for storage every hour. So, I’m pretty sure the server can receive files by secure connection.

BKM

don’t confuse Let’s encrypt with General SSL errors.

Your error is because your server cannot make an SSL connection to jquery.com, it has NOTHING to do with Let’s Encrypt.

But in the last error it appears that it made a connection for at least some of the time because it moved over 80k of a 200k file.

Plus I use this server (under another username) to store the most recent hourly backup of a database server in a different location.

All of those files move by SCP, so the server is capable of making sustained SSL connections to move those files. they are about 100mb every hour. As soon as the new one arrives the old one is deleted. In the event my database server dies I can always get the last backup from this server. So the OS has all the right tools for making SSL connections and it uses them every hour, 24 hours a day, 7 days a week.

I am then puzzled at why there would be a failure only here!

Could the problem be on the source server?

And if my server was not capable of making SSL connections, then how did it ever get the MIAB server loaded the first time?

And in the very last line of the last error I posted the error reads as “Read Error at byte 16384/84345 (Connection reset by peer)”. If there were no valid SSL connection then it should never have started the read operation.

Please explain better. You are not making any sense to me.

BKM

SCP is not SSL, it’s SSH backed. I am sorry but without looking at logs I am not sure what I could do to help. All I know is it’s not and issue with lets encrypt

Hi @BKM. This is a difficult problem to diagnose over a forum, and it is very likely to be a problem somewhere between you and jQuery and isn’t related to Mail-in-a-Box. You’re welcome to continue to work through it with folks here, but expect some frustration on everyone’s part because it’s a hard one to diagnose.

The only thing I can think to add is that scp uses the SSH protocol and not SSL, so that’s probably unrelated as well.

Since the HTTPS connection to jQuery.com worked at least once, as you noted, the problem probably isn’t a system configuration issue. It looks more like a network issue, which I guess could be a system configuration problem, but otherwise it’s something about the network you’re on, or something on jQuery’s end, or something in between.

2 Likes

Thank you. I can have the hosting provider evaluate the network at their end. I cannot do anything about the jquery end though. Maybe just keep trying to see if the interference dissipates.

Thanks for the better explanation. It helps me to look for a cause.

BKM

1 Like

My hosting provider couldn’t find anything wrong from a network perspective at their end, but they suggested forcing a different path of hops to the jquery server.

That seemed to do the trick. So, there was something wrong on one of the server hops in the path to the jquery server that (once bypassed) allowed everything to work as expected.

Thank you @JoshData for the necessary clues to finding a path to success. Also had to thank my hosting service provider for their outstanding assist on this one.

This can be closed.

BKM

1 Like

Good stuff! Also - Sorry for my short posts, glad everything is working now though!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.