[solved] Broken SSL After PHP 7.4 install on Debian 9

jimdunn · September 16, 2020, 3:47am

Well, I decided to take the plunge. I installed PHP 7.4 on my Debian 9 to give me until 2022 to deal with either.

The install process of PHP 7.4 was simple/clean. Then the “Re-configure” in Virtualmin went smoothly.

Then, I ran this script suggested by IIia:

#!/bin/sh
doms=$(virtualmin list-domains --with-feature web --name-only --no-alias)
for dom in $doms; do
  /usr/sbin/virtualmin disable-feature --domain $dom --web --ssl --logrotate --webalizer
  /usr/sbin/virtualmin enable-feature  --domain $dom --web --ssl --logrotate --webalizer
done

And that’s when everything started breaking. About half of my 150 domains got an SSL error and disabled SSL:

Changing IP address of virtual website … … done


Adding new SSL virtual website …

… certificate file is not valid : Line 31 does not look like PEM format
Saving server details …

… done
Applying web server configuration …

… done

Re-loading Webmin … … done

Then, when I tried to re-enable SSL, it would fail.

SOLUTION: I had to delete the /home/domain1.com/ssl* files. Then I was able to re-enable the SSL in “Edit Virtual Server -> Enabled features”.

Whew.

calport · September 16, 2020, 4:00am

Good to know, @jimdunn. Thanks for sharing the workaround.

Ilia · September 16, 2020, 8:45am

The mentioned command above is a general example command of how it could be used for a mass operations. I don’t believe it can break anything beyond it’s already broken.

Considering you have 150 domains with broken SSL certificates and you need to update them, here is what you could do:

#!/bin/sh
doms=$(virtualmin list-domains --with-feature ssl --name-only --no-alias)
for dom in $doms; do
   # Disable SSL feature
   virtualmin disable-feature --domain $dom --ssl

   # Remove existing SSL certificates by default name
   home=$(virtualmin list-domains --domain $dom --home-only)
   rm -f $home/ssl.*

   # Re-enable SSL feature
   virtualmin enable-feature --domain $dom --ssl 
done

jimdunn · September 18, 2020, 1:32am

Actually, here’s a “less hammer more scalpel” approach:

#!/bin/sh


/usr/sbin/virtualmin list-domains --with-feature web --name-only --no-alias > ./jjj.dat

doms=$(cat ./jjj.dat) for dom in $doms; do echo ------------------------------------------------------------------------- echo $dom echo ------------------------------------------------------------------------- virtualmin modify-web --domain $dom --php-version 7.4 done

system · September 22, 2020, 1:32am

This topic was automatically closed 4 days after the last reply. New replies are no longer allowed.