New iRedMail Installation: Failed authorization procedure

If you run

chmod 644 /etc/letsencrypt/live/mail.freeholdcomputertech.com/*

They should then be readable

jim@mail:~$ sudo chmod -R +r /etc/letsencrypt/live/mail.freeholdcomputertech.com/
jim@mail:~$ apachectl -t
AH00526: Syntax error on line 34 of /etc/apache2/sites-enabled/default-ssl.conf:
SSLCertificateFile: file ‘/etc/letsencrypt/live/mail.freeholdcomputertech.com/fullchain.pem’ does not exist or is empty
Action ‘-t’ failed.
The Apache error log may have more information.

What are the permissions on the files ?

ls -l /etc/letsencrypt/live/mail.freeholdcomputertech.com/

sudo ls -l /etc/letsencrypt/live/mail.freeholdcomputertech.com/
total 0
lrwxrwxrwx 1 root root 53 Jan 31 15:35 cert.pem -> …/…/archive/mail.freeholdcomputertech.com/cert1.pem
lrwxrwxrwx 1 root root 54 Jan 31 15:35 chain.pem -> …/…/archive/mail.freeholdcomputertech.com/chain1.pem
lrwxrwxrwx 1 root root 58 Jan 31 15:35 fullchain.pem -> …/…/archive/mail.freeholdcomputertech.com/fullchain1.pem
lrwxrwxrwx 1 root root 56 Jan 31 15:35 privkey.pem -> …/…/archive/mail.freeholdcomputertech.com/privkey1.pem

Hello @JimW,

Even if you change the perms on /etc/letsencrypt/live/mail.freeholdcomputertech.com/ the dir /etc/letsencrypt/live/ is not world readable so you can't check your apache conf with an unprivileged user, (in this case with the user jim), instead use sudo to check apache conf:

sudo apachectl -t

Cheers,
sahsanu

Hi sahsanu…Thank you!

jim@mail:~$ sudo apachectl -t
Syntax OK

serverco / sahsanu: Should I now go back and un-comment the following 3- lines in /etc/apache2/sites-enabled/000-default.conf

RewriteEngine on
RewriteCond %{SERVER_NAME} =mail.freeholdcomputertech.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

and try again to start the apache service?

That acts on the symbolic links, not the underlying files; did you mean to suggest this for the equivalent in archive?

1 Like

Any suggestions as to how I should proceed at this point?

Sorry, was getting late over here before. Can you just restart apache now ?

No luck, when I try and restart apache:

jim@mail:~$ sudo systemctl reload apache2
[sudo] password for jim:
apache2.service is not active, cannot reload.

I was thinking…could the problem be that I am running Ubuntu 16.04 DESKTOP, and not SERVER, as my OS?

EDIT: I am inclined to think that it does not matter that I am running Ubuntu 16.04 DESKTOP, and not SERVER, as both articles that I used for instructions on the install consistently used “sudo” commands.

Articles that I used, in order, were/are:

  1. http://www.iredmail.org/docs/install.iredmail.on.debian.ubuntu.html
  2. https://www.linuxbabe.com/mail-server/ubuntu-16-04-iredmail-server-installation (used for obtaining and installing the Let’s Encrypt cert

desktop or server shouldn’t make any difference, as long as it has apache installed.

try “start” rather than “reload” since it isn’t running.

jim@mail:~$ sudo systemctl start apache2
[sudo] password for jim:
Job for apache2.service failed because the control process exited with error code. See “systemctl status apache2.service” and “journalctl -xe” for details.

Can you provide the details from those ?

Be happy to…how do I do that? I don’t know where those files are.

Run the commands it lists

sudo systemctl status apache2.service

and

sudo journalctl -xe

jim@mail:~$ sudo systemctl status apache2.service
● apache2.service - LSB: Apache2 web server
Loaded: loaded (/etc/init.d/apache2; bad; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: failed (Result: exit-code) since Wed 2017-02-01 01:52:56 EST; 4min 1s ago
Docs: man:systemd-sysv-generator(8)
Process: 14651 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)

Feb 01 01:52:56 mail apache2[14651]: * The apache2 configtest failed.
Feb 01 01:52:56 mail apache2[14651]: Output of config test was:
Feb 01 01:52:56 mail apache2[14651]: AH00526: Syntax error on line 29 of /etc/apache2/sites-enabled/000-default.conf:
Feb 01 01:52:56 mail apache2[14651]: Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration
Feb 01 01:52:56 mail apache2[14651]: Action ‘configtest’ failed.
Feb 01 01:52:56 mail apache2[14651]: The Apache error log may have more information.
Feb 01 01:52:56 mail systemd[1]: apache2.service: Control process exited, code=exited status=1
Feb 01 01:52:56 mail systemd[1]: Failed to start LSB: Apache2 web server.
Feb 01 01:52:56 mail systemd[1]: apache2.service: Unit entered failed state.
Feb 01 01:52:56 mail systemd[1]: apache2.service: Failed with result ‘exit-code’

and

jim@mail:~$ sudo journalctl -xe
Feb 01 01:52:56 mail apache2[14651]: * The apache2 configtest failed.
Feb 01 01:52:56 mail apache2[14651]: Output of config test was:
Feb 01 01:52:56 mail apache2[14651]: AH00526: Syntax error on line 29 of /etc/apache2/sites-enabled/000-default.conf:
Feb 01 01:52:56 mail apache2[14651]: Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration
Feb 01 01:52:56 mail apache2[14651]: Action ‘configtest’ failed.
Feb 01 01:52:56 mail apache2[14651]: The Apache error log may have more information.
Feb 01 01:52:56 mail systemd[1]: apache2.service: Control process exited, code=exited status=1
Feb 01 01:52:56 mail systemd[1]: Failed to start LSB: Apache2 web server.
– Subject: Unit apache2.service has failed
– Defined-By: systemd
– Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

– Unit apache2.service has failed.

– The result is failed.
Feb 01 01:52:56 mail systemd[1]: apache2.service: Unit entered failed state.
Feb 01 01:52:56 mail systemd[1]: apache2.service: Failed with result ‘exit-code’.
Feb 01 01:52:56 mail sudo[14647]: pam_unix(sudo:session): session closed for user root
Feb 01 01:56:58 mail sudo[14698]: jim : TTY=pts/4 ; PWD=/home/jim ; USER=root ; COMMAND=/bin/systemctl status apache2.service
Feb 01 01:56:58 mail sudo[14698]: pam_unix(sudo:session): session opened for user root by (uid=0)
Feb 01 01:56:58 mail sudo[14698]: pam_unix(sudo:session): session closed for user root
Feb 01 01:57:35 mail sudo[14706]: jim : TTY=pts/4 ; PWD=/home/jim ; USER=root ; COMMAND=/bin/journalctl -xe
Feb 01 01:57:36 mail sudo[14706]: pam_unix(sudo:session): session opened for user root by (uid=0)

Odd that still has the same error in the config as before about the “RewriteEngine”

Did you leave this commented out ? or have you uncommented it again ?
does the “sudo apachectl -t” still pass the test ?

I un-commented those 3 lines.

Re “sudo apachectl -t”:

jim@mail:~$ sudo apachectl -t
AH00526: Syntax error on line 29 of /etc/apache2/sites-enabled/000-default.conf:
Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration
Action ‘-t’ failed.
The Apache error log may have more information

OK, can you comment them out please. Then test to see if the config is valid (sudo apachectl -t) if so then try starting apache ( sudo service apache2 start )

If the config isn’t valid, then please let me know what the new errors are.

jim@mail:~$ sudo nano /etc/apache2/sites-enabled/000-default.conf
jim@mail:~$ sudo apachectl -t
Syntax OK

jim@mail:~$ sudo service apache2 start
jim@mail:~$

:slight_smile: Progress!

SERVERCO: I have reached the maximum number of replies for my 1st day here, and have to wait 6 hours before posting another reply. Here is my reply to your latest post:

Hmmm…so close…

Now I CAN browse to both:

https://mail.freeholdcomputertech.com/mail/ and
https://mail.freeholdcomputertech.com/iredadmin

on the server, however, I can NOT browse to either URL from my workstation. Chrome throws back the following on my workstation:

This site can’t be reached

mail.freeholdcomputertech.com refused to connect.
Try:
Checking the connection
Checking the proxy and the firewall