Failed to create SSL context : Invalid argument at /usr/libexec/webmin/miniserv.pl line 4383

same error

Failed to create SSL context : Invalid argument at /usr/libexec/webmin/miniserv.pl line 4381

Its not only the logs, its the overal look and feel. It seems “messy” to me. Hard to put the finger on it exactly. And i miss the “previous commands” and form fill history in the “others - Command Shell”. arrow-up in authentic theme gives ssh previous commands.

I wanted to upload the tarball and get “Sorry, the file you are trying to upload is not authorized (authorized extensions: jpg, jpeg, png, gif).”

Regards
Jan

@Joe Could we add .tar/.zip as allowed extensions?

@Linulex You could upload it to Google Drive for example and send me the link for now as such?

Missing Command Shell module…

There is inbuilt “drop-down” command shell interface in Authentic Theme, and history can be accessed with arrows up/down, searched with Ctrl+R. (Like normal console). You as well can use history, history -c and history -d commands. When used in Cloudmin, inbuilt command shell, uses currently chosen machine’s shell module automatically.

Would it help if you could access Others/Command Shell like normal module, without triggering inbuilt command shell to drop down?

yes that would help a lot. The inbuild shell is the same as ssh and for that exists putty, or realvnc.

logs not “clipped” in a window would help allot also.

regards
Jan

As(s) old school as i am, i would rather not upload private data to a company that makes zillions from selling peoples private data.

I have uploaded it to a website on the server itself. (same ssl btw).

https://mijnssl.com/vendor_perl.tgz

As i said before, i am willing to pay for support to get this solved and can give access to the server.
I am looking into this because i want to start using cloudmin as our vps management system for our “full managed kvm plesk cloud servers”. (what a mounthfull hollow marketing bs, isnt “vps” ok anymore?) If payment is what you need, you have an order for cloudmin tomorrow. vmware is overpriced and solusvm is bought by plesk …

And, in all honesty, i never believe i am the only plesk user that also uses webmin along side plesk for server maintenance.

Nice, but i haven’t fount it yet. My idea would be a config switch:

  • old stile
  • new style

and let ppl choose for themselve

sorry for the typo’s, it early morning here, its holliday and i am a bit …

Kind regards
Jan

Latest commit to theme repo adds it (19.44-4). Now you can use both old-style Command Shell module and new drop-down terminal.

Logs not “clipped” in a window would help allot also.

What does that mean? :slightly_smiling_face: If you mean when viewing log files, do not wrap the lines - it’s already not by default. However, you can make it wrapped (the option will now also be remembered upon page reload in browser), by clicking Ctrl+Alt+W hot key.

I would rather not upload private data to a company that makes zillions from selling peoples private data.

Whom you are referring exactly?

I am willing to pay for support to get this solved and can give access to the server.

I would like to have a look and see what’s happening out of curiosity.

And, in all honesty, I never believe I am the only Plesk user that also uses Webmin along side with Plesk for server maintenance.

That is mostly, I believe, because people didn’t try combination Webmin+Virtualmin prior to using Plesk. If they did, I bet they would stick to Virtualmin solution. Everything is more superior, but on the down-side, is slightly higher looking complexity (only for the first week though).


I would personally recommended you to try File Manger in Authentic Theme and see that you can actually work as if it was desktop product, using keyboard for navigation and tons of useful shortcuts, along with super-powerful features.

That is just what i meant, thank you.
I see that the background of custom commands and command shell output is black. I always found that very hard to read. Editor color palette is set to “light” in the configuration.

The logs used to be the whole right window, now they are like in a text field. But i can live with that.

I will send the login in a private message. I need to “prepare” the server first. atm everything is forbidden by the firewall except from our own ip adresses.

I have been using plesk since 2000. Long before virtualmin existed. We have looked into it to switch, but migration from plesk was not possible back then and now all my clients are used to plesk. We even sponsored the inclusion of qmail in Virtualmin back in “Version 2.50 (10 Mar 2005)”.

I miss a few features in the authentic filemanager i use a lot (or i havent found them yet). Thats why i still use the java filemanager but lately more and more winscp.

  • enter a whole path for fast navigation, for example copy/paste a path out of a log or so.
  • upload a zip and unpack at the same time as a specific user, not the logged in user
  • find text in files

Regards
Jan

That would be possible to add as well.

Sure but no rush with that. I will be able to do it only in day or two due to upcoming holidays.

It’s possible already - right click on the path breadcrums on the top right and you got it (ti’s documented in help (button with question mark), on top left of the table header). You can copy path in clipboard using context menu.

It’s possible to upload and extract in two steps (so far), first upload and then extract. In case you are in user-home directory, the right user:group will be automatically applied (by default, or you can go to File Manager configuration and disable automatic switching to user-mode, and later lock to needed user manually).

It’s also already possible from search menu (Ctrl+F7) - find in results (you can even use regex):

I sent the login data.

I am testing with the authentic theme and there is still 1 think missing for me: when you open a menu, the one that is/was open, closes. I liked it that in the virtual server theme it was possible to open all menus that where needed.

Regards
Jan

What menu are you talking about in particular?

This problem is that the Perl being used to run Webmin doesn’t have Net::SSLeay module. I’d guess Plesk has its own Perl that squats on the path. Just make sure Webmin is started by the system Perl instead of the non-standard one.

The left menus. Webmin, System, Servers, Others, etc…

As far as i know, plesk doesnt use perl. The path to perl in every script, and set by /usr/libexec/webmin/perl-path.pl (i presume) is /usr/bin/perl wich exist and is the system default perl as far as i know.
/etc/webmin/perl-path also has /usr/bin/perl in it.

I did try to change that to /usr/bin/perl/perl5.16.3 but that didnt work.

Is there a way to test with what perl webmin starts? And if wrong, how can i change it? Or would add/copy net::ssleay to the perl that webmin is using also work?

Regards
Jan

Something is wrong with your Perl installation. If you’ve got the Net::SSLeay module installed from an RPM and you’ve got Perl installed from an RPM, both from the OS standard repository (it’s important they come from the same source, and I can generally only recommend the OS standard Perl packages), then the only explanation for why it isn’t working is that it’s looking in the wrong place (or it’s built against a different version of Perl and can’t load). Having another Perl installed from a different source can cause it, but I guess installing Net::SSLeay from non-standard packages could do it, too (I see you mentioned a bunch of Net::SSLeay packages above…where did all those come from? Just install the one provided by your OS!).

Don’t change it to perl5.16.3 (that’s the same version that comes with CentOS). /usr/bin/perl should be fine.

Let’s simplify:

What happens when you run this?

/usr/bin/perl -MNet::SSLeay -e 'print "OK\n";'

If it just says “OK”, you’ve got Net::SSLeay. If it spits out an error, you either don’t, or it’s broken (it’ll say “can’t locate” if you don’t have it, or an error if it’s a broken build of it). If you don’t have it, find out why your Perl is broken and fix it. You can check the Perl lib path with:

/usr/bin/perl -e 'print join "\n", @INC;'

Run’em as root, as Webmin is starting as root (though usually not with the normal environment of root).

I did had perl-Net-SSLeay 1.85-1.0.cf.rhel7 (wich worked fine untill i upgraded plesk).
I removed this and replaced it with the OS default perl-Net-SSLeay-1.55-6.el7.x86_64

/usr/bin/perl -MNet::SSLeay -e 'print "OK\n";' Gives OK

/usr/bin/perl -e 'print join "\n", @INC;' gives

/usr/local/lib64/perl5
/usr/local/share/perl5
/usr/lib64/perl5/vendor_perl
/usr/share/perl5/vendor_perl
/usr/lib64/perl5
/usr/share/perl5

service webmin restart (with ssl=1 in miniserv.conf) still gives
Stopping Webmin server in /usr/libexec/webmin
Starting Webmin server in /usr/libexec/webmin
Failed to create SSL context : Invalid argument at /usr/libexec/webmin/miniserv.pl line 4381.

So Net::SSLeay is found, its ok, but still webmin doesn’t find it for some reason or another.

I also tried entering all the paths into every field there is in Operating System and Environment, but still nothing.

I also tried adding all the perl paths to /root/.bash_profile, but also with no effect.

Regards
Jan

OK, so did the Plesk upgrade replace OpenSSL (which would require a rebuild of the Net::SSLeay module? I’m running out of ideas for what’s going on. I’ve never seen this problem before.

You could try doing an install of Net::SSLeay using CPAN (normally not something I would ever recommend, and it’s definitely not a good idea in the general case to mix and match module sources in a package-installed Perl, but I’m pretty much out of ideas…this just isn’t an area where problems come up when using system standard packages).

First happy newyear to all.

No, plesk did not replace the openssl version as far as i can see.

openssl version

OpenSSL 1.0.2k-fips 26 Jan 2017

]# rpm -qa | grep openssl
openssl-devel-1.0.2k-19.el7.x86_64
openssl-1.0.2k-19.el7.x86_64
openssl-libs-1.0.2k-19.el7.x86_64

I downloaded and installed the latest cpan new Net::SSLeay version, via the webmin perl module so i am sure webmin can see it.

Making and installing Net::SSLeay …
Untarring module file
Executing gunzip -c /tmp/.webmin/Net-SSLeay-1.88.tar.gz | tar xvf - …
Executing /usr/bin/perl Makefile.PL && make …
Executing make test …
All tests successful.
Files=40, Tests=3009, 8 wallclock secs ( 0.55 usr 0.15 sys + 6.49 cusr 1.22 csys = 8.41 CPU)
Result: PASS
Executing make install …

Files found in blib/arch: installing files in blib/lib into architecture dependent library tree
Appending installation info to /usr/lib64/perl5/perllocal.pod

Make, test and install of Net::SSLeay successful.

but still the same error:

service webmin restart

Stopping Webmin server in /usr/libexec/webmin
Starting Webmin server in /usr/libexec/webmin
Failed to create SSL context : Invalid argument at /usr/libexec/webmin/miniserv.pl line 4381.

regards
Jan

Logged in now and checking. Haven’t finished anything yet, but it looks like you have packages dependencies issues. I think one of the package installs were run with --skip-broken. That city-fan.org repo might be the cause of the issues.

I never installed anything with --skip-broken. The city-fan repo is only used to install a newer version of curl, it has a lot of higher versions of perl packages, but i never install those.
Net:ssleay was installed from city-fan but has been reverted to the centos default and on other servers city-fan net::ssleay is installed, but as long as plesk is 17.x all works fine, it brakes the moment i upgrade to 18.x.
But i can’t find what plesk has changed perl. Plesk is programmed in php and maybe a bit C++, not perl.
I had the ssl problem on a centos 6 after plesk was upgraded, but i didn’t spend any time on it then because centos 6 is eol.

regards
Jan

Okay, I think I have done more than I possibly could, to so solve this tricky issue.

The simple solution for your case, is to:

yum remove perl-Authen-PAM

Then you can use Webmin with SSL without any issue (done it for you).


Please @Linulex don’t change anything on this machine, I will pass this to @Jamie for further analysis.

Okay, now. Jamie, the problem is tracked down on this machine, when perl-Authen-PAM is installed (you would need to install it manually). After it’s installed, Webmin produces an error on restart:

[root@kvmtest242 perl5]# /etc/webmin/start
Starting Webmin server in /usr/libexec/webmin
Failed to create SSL context : Invalid argument at /usr/libexec/webmin/miniserv.pl line 4381.

I have given more debug and found out that line 145 on miniserv.pl, creates this error, and not, if commented out:

145:  $pamh->pam_authenticate()

It doesn’t happen on my virtual machines with perl-Authen-PAM installed, so I think that this could be part of either a bug or mis-configuration for PAM. If the latter, then it doesn’t matter, if it’s a bug, it should be addressed.

Have a look. It would be interesting to know what it is?

@Linulex

  1. Does it happen on another machines that doesn’t have Plesk?
  2. Does it happen on other machines with latest Plesk installed?