I use a master-slave Aegir architecture.
When I create a SSL site on the hostmaster everything is fine.
But when I create it on a slave server I get this warning:

touch(): Unable to create file /var/aegir/config/server_master/ssl.d/test.dev/test.dev.receipt because No such file or directory ssl.php:169

Extra info:

On the slave I have the openssl.crt & openssl.key but no test.dev.receipt for the /var/aegir/config/server_slave/ssl.d/test.dev.

On the hostmaster I have the openssl.crt, openssl.key & hostmaster.dev.receipt for the /var/aegir/config/server_master/ssl.d/hostmaster.dev.

Also on the hostmaster I have the openssl.crt & openssl.key but no test.dev.receipt for the /var/aegir/config/server_slave/ssl.d/test.dev.

CommentFileSizeAuthor
#6 ssl_on_slave_server-2448809-6.patch842 bytesmillaraj

Comments

tvl’s picture

tvl commented
Issue summary: View changes
helmo’s picture

helmo commented
Title: SSL on client server, touch(): Unable to create file » SSL on slave server, touch(): Unable to create file
Version: 6.x-2.1 » 7.x-3.x-dev
Issue summary: View changes
Issue tags: +aegir-ssl

Tagging.
Renaming server-client to master-slave for consistency.

helmo’s picture

helmo commented

See Provision_Config_Http_Ssl_Site:write() from http/Provision/Config/Http/Ssl/Site.php

      // Sync the key directory to the remote server.
      $this->data['server']->sync($path, array(
       'exclude' => "{$path}/*.receipt",  // Don't need to synch the receipts
     ));

That would explain the 'missing' receipt file on the slave.

millaraj’s picture

millaraj commented

Confirming for 6.x-2.4. Receipts not being created on either the hostmaster or slave servers. Directories and keys appear to be generated without issue.

millaraj’s picture

millaraj commented

There's a bug in provision/http/Provision/Service/http/ssl.php

$path = $site->platform->server->http_ssld_path . "/" . $ssl_key . "/" . $site->uri . ".receipt";

should be

$path = $site->data[server]->http_ssld_path . "/" . $ssl_key . "/" . $site->uri . ".receipt";

millaraj’s picture

millaraj commented
StatusFileSize
new ssl_on_slave_server-2448809-6.patch842 bytes

Patch against latest 6.x-2.x branch.

millaraj’s picture

millaraj commented
Status: Active » Needs review
pauleb’s picture

pauleb commented

The patch works great for me. Thanks!

  • Jon Pugh committed 77eddf9 on 6.x-2.x authored by millaraj 
    Issue #2448809 by millaraj: SSL on slave server, touch(): Unable to...
jon pugh’s picture

jon pugh
he/him
Primary language English
Location Newburgh, NY
commented
Status: Needs review » Fixed

Looks great, thanks millaraj!!

Committed and pushed to 6.x-2.x and 7.x-3.x

  • Jon Pugh committed 35907b2 on 7.x-3.x authored by millaraj 
    Issue #2448809 by millaraj: SSL on slave server, touch(): Unable to...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

gboudrias’s picture

gboudrias commented
Issue tags: +Aegir 3.2
avpaderno’s picture

avpaderno
he/him
Primary language Italian
Location Brescia, 🇮🇹 🇪🇺
commented
Issue tags: -#ssl