1

Topic: Nginx not Starting after installing the SSL certificates

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.2.1 MARIADB edition.
- Deployed with iRedMail Easy or the downloadable installer?
- Linux/BSD distribution name and version: Downloadable Installer
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDB
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

So it's a long story, but I'll keep it short. A long while ago, installed iRedMail on my domain and it was working perfectly (also followed most of the steps, I guess, regarding SSL, except for the cron which I had no idea about). After my certificate had expired, without following the official steps mentioned in the iRedMail documentations

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Nginx not Starting after installing the SSL certificates

What does nginx -t tell you?

3 (edited by smameed 2020-11-30 04:07:22)

Re: Nginx not Starting after installing the SSL certificates

Beejango wrote:

What does nginx -t tell you?

nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/iRedMail.key") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/private/iRedMail.key','r') error:20074002:BIO routines:file_ctrl:system lib error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib)
nginx: configuration file /etc/nginx/nginx.conf test failed

[Edit:]
I've checked the location "/etc/ssl/private/iRedMail.key" and it exists as a symlink to the location "/etc/letsencrypt/live/<mydomain>/privatekey.pem".
Also, I just realized, I've misspelled my domain while obtaining the certificate, I believe I might need some help for that as well

4 (edited by smameed 2020-11-30 12:33:34)

Re: Nginx not Starting after installing the SSL certificates

smameed wrote:
Beejango wrote:

What does nginx -t tell you?

nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/iRedMail.key") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/private/iRedMail.key','r') error:20074002:BIO routines:file_ctrl:system lib error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib)
nginx: configuration file /etc/nginx/nginx.conf test failed

[Edit:]
I've checked the location "/etc/ssl/private/iRedMail.key" and it exists as a symlink to the location "/etc/letsencrypt/live/<mydomain>/privatekey.pem".
Also, I just realized, I've misspelled my domain while obtaining the certificate, I believe I might need some help for that as well

Seems like I've also done something terrible. I had, at one point, used the --nginx argument for the certbot which, seems to not play well with the nginx config files from iRedMail. Anywhere I can get hold of the original config file so I can replace the contents adulterated by certbot?

[nginx config file]:
user www-data;
worker_processes 1;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/conf-enabled/*.conf;
    include /etc/nginx/sites-enabled/*.conf;
}

5

Re: Nginx not Starting after installing the SSL certificates

smameed wrote:
Beejango wrote:

What does nginx -t tell you?

nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/iRedMail.key") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/private/iRedMail.key','r') error:20074002:BIO routines:file_ctrl:system lib error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib)
nginx: configuration file /etc/nginx/nginx.conf test failed

[Edit:]
I've checked the location "/etc/ssl/private/iRedMail.key" and it exists as a symlink to the location "/etc/letsencrypt/live/<mydomain>/privatekey.pem".
Also, I just realized, I've misspelled my domain while obtaining the certificate, I believe I might need some help for that as well

You can unlink those symlinks like:

unlink /etc/ssl/certs/iRedMail.crt
unlink /etc/ssl/private/iRedMail.key

redo symlinks with correct domain.

6

Re: Nginx not Starting after installing the SSL certificates

smameed wrote:

Anywhere I can get hold of the original config file so I can replace the contents adulterated by certbot?

Setup a VM and install iRedMail, then you can get same setup in this VM.

7

Re: Nginx not Starting after installing the SSL certificates

Is there any way that I may backup my existing emails from this messed up setup as I do have some important ones that must be safeguarded, and then redo this entire setup from the beginning?