• If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Announcement

Collapse
No announcement yet.

Problem with SSL Certificate

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problem with SSL Certificate

    Hello,

    I am currently trying to load the SSL Certificate created by Let's Encrypt. I read the other article on how to set it up, by creating the files domain.pem & CA.pem and I tried openssl s_client -connect which seems to be working. Only Problem is that I get the Error ERR_EMPTY_RESPONSE and can't figure out whats the problem.

    Has anyone encountered this problem before and can provide a solution?

    Thanks in Advance
    Hagen

  • #2
    Hello Hagen,

    We did not face any issues when using Let's Encrypt certificates. From your report I understand that the error you are receiving is for the WebMail interface. if this is correct, please confirm:
    • What browser are you using?
    • Is this problem replicated when using another browser (like FireFox / Edge)?
    • Does the non SSL (like http://....) listener working fine?
    It will be useful also if you could confirm the OS and Axigen version you are usinng as well as sharing the axigen.cfg file.

    BR,
    Ioan

    Comment


    • #3
      Hello Indreias,

      thanks for the reply, I wasn't sure my post made it through to be honest.

      I tried it in Google Chrome and Firefox: In Chrome I get the error I mentioned before in Firefox I get "The connection was reset".
      The normal Webmailer is not a problem it works like a charm. Only when I enable ssl I can't access it anymore, I also tried the default
      certificate axigen_cert.pem it is also not working.

      The Operating System is CentOS 7
      Axigen server version: 10.1.5 (Linux/x64)

      Thanks in Advance

      Best Regards
      Hagen

      Comment


      • #4
        Hello Hagen,

        From what I've understand from the shared content of axigen.cfg it looks you did not "enable SSL" on this listener (178.254.43.63:81). This should be done vie WebAdmin > edit listener > click on SSL Settings > click on "Enable SSL for this listener"

        HTH,
        Ioan

        Comment


        • #5
          Hello indreias,

          thank you, you are indeed correct problem is I encounter the problem that I enable SSL and save the configuration. It didn't change in the .cfg. Then I restart the service and the box is empty again. Do you have any idea why that is?

          best regards
          Haagen

          Comment


          • #6
            Hello Haagen,

            Let's see what permissions you have on axogen.cfg file - it should be +rw for axigen user >> could you confirm?

            For example, on one of our test machines we have:
            Code:
            [root@node9 tmp]# ls -rtl /var/opt/axigen/run/axigen.cfg
            -rw-r-----. 1 axigen axigen 66413 Jan 11 15:16 /var/opt/axigen/run/axigen.cfg
            Are there any changes (for example if you add a new listener on 0.0.0.0:8888 for webmail service) saved in axigen.cfg?

            HTH,
            Ioan

            Comment


            • #7
              Hello,

              -rw-r----- 1 axigen axigen 45530 Jan 10 10:37 /var/opt/axigen/run/axigen.cfg

              this looks good to me. I tried adding the Listener and after the restart it was gone again. Seems to me that none of my changes in the webadmin are being saved.

              best regards
              Hagen

              Comment


              • #8
                Hello Hagen,

                Never heard till now similar reports when using CentOS 7 - nevertheless:

                1/ If SELinux is enabled >> could you check its audit log that it does not reject write access to axigen.cfg file?

                2/ Are there any error messages logged into messages or maillog log files?

                3/ What is happening if you manually change (in axigen.cfg)
                Code:
                sslEnable = yes
                for the webmail listener you have configured the SSL certificate and restart axigen (with service axigen restart)?

                Please advice.

                BR,
                Ioan

                Comment


                • #9
                  Hello again,

                  so I played around with it a little and now it seems to be working and doesn't get reset any more (I modified the axigen.cfg file manually and suddenly I could also modify it with webadmin). Also in our case it didn't forward to https but instead tried to make the request via http that is why we got the error.

                  So this topic can be closed thanks again.

                  Best regards
                  Hagen

                  Comment

                  Working...
                  X