Rocky, Alma, Springdale 9 QT Install: Difference between revisions
		
		
		
		Jump to navigation
		Jump to search
		
| No edit summary | |||
| (72 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| = | [[Main_Page#RHEL_9_&_Derivatives|Back]]<br> | ||
| =Enterprise Linux 9 Minimal Install=   | |||
| ==QMT Install ('Many-Domain')==   | ==QMT Install ('Many-Domain')==   | ||
|   <nowiki>#</nowiki> curl -o /usr/local/bin/ |   <nowiki>#</nowiki> curl -o /usr/local/bin/qt_install https://raw.githubusercontent.com/qmtoaster/scripts/master/qt_install_cos9.sh | ||
|   <nowiki>#</nowiki> chmod 755 /usr/local/bin/ |   <nowiki>#</nowiki> chmod 755 /usr/local/bin/qt_install | ||
|   <nowiki>#</nowiki> qt_install. |   <nowiki>#</nowiki> qt_install | ||
|     <span style="color:red"> ...installing... </span> | |||
|   <nowiki>#</nowiki> toaststat<br> |   <nowiki>#</nowiki> toaststat<br> | ||
|   Status of toaster services |   Status of toaster services | ||
| Line 13: | Line 15: | ||
|   submission/log: up (pid 1314) 1517 seconds<br> |   submission/log: up (pid 1314) 1517 seconds<br> | ||
|   systemd service:               clamd@scan:       [<span style="color:green"> OK </span>] |   systemd service:               clamd@scan:       [<span style="color:green"> OK </span>] | ||
|   systemd service:         clamav-freshclam:       [ OK ] |   systemd service:         clamav-freshclam:       [<span style="color:green"> OK </span>] | ||
|   systemd service:             spamassassin:       [ OK ] |   systemd service:             spamassassin:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                  dovecot:       [ OK ] |   systemd service:                  dovecot:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                  mariadb:       [ OK ] |   systemd service:                  mariadb:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                    httpd:       [ OK ] |   systemd service:                    httpd:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                    named:       [ OK ] |   systemd service:                    named:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                     ntpd:       [ OK ] |   systemd service:                     ntpd:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                     sshd:       [ OK ] |   systemd service:                     sshd:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                  network:       [ OK ] |   systemd service:                  network:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                    crond:       [ OK ] |   systemd service:                    crond:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                    acpid:       [ OK ] |   systemd service:                    acpid:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                      atd:       [ OK ] |   systemd service:                      atd:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                   autofs:       [ OK ] |   systemd service:                   autofs:       [<span style="color:green"> OK </span>] | ||
|   systemd service:                   smartd:       [ OK ] |   systemd service:                   smartd:       [<span style="color:green"> OK </span>] | ||
|   systemd service:               irqbalance:       [ OK ] (Multiple processors only) |   systemd service:               irqbalance:       [<span style="color:green"> OK </span>] (Multiple processors only)<br> | ||
|  <nowiki>#</nowiki> [https://raw.githubusercontent.com/qmtoaster/scripts/master/conntest conntest] | |||
|  Enter a valid remote email account to which QMT will send mail: <email address> | |||
|  IMAPS: postmaster@domain.tld --> <span style="color:green">success</span> | |||
|  Submission: postmaster@domain.tld --> <span style="color:green">success</span> | |||
|  SMTPS: postmaster@domain.tld --> <span style="color:green">success</span> | |||
|  [http://wiki.qmailtoaster.org/index.php?title=Simscan Scanners] | |||
|  [http://wiki.qmailtoaster.org/index.php?title=Alias_Domains Many Domain Install (Alias Domain)] | |||
|  Qmail-1.03-3.3.11 (OpenSSL3) | |||
|  [https://github.com/qmtoaster/patches/blob/master/EL9/README.md Patches] applied | |||
| == Install certificate == | |||
|   [[Certificate]] *Note: The certificate must be 2048 bits or more | |||
| == Test certificate == | |||
|   # curl --verbose smtps://mail.domain.tld | |||
|   # curl --verbose imaps://mail.domain.tld | |||
| or | |||
|   # openssl s_client mail.domain.tld:465 | |||
|   # openssl s_client mail.domain.tld:993  | |||
| <pre> | |||
| <nowiki>*</nowiki> Server certificate: | |||
| <nowiki>*</nowiki>  subject: CN=mail.domain.tld | |||
| <nowiki>*</nowiki>  start date: Jul 30 09:16:16 2024 GMT | |||
| <nowiki>*</nowiki>  expire date: Oct 28 09:16:15 2024 GMT | |||
| <nowiki>*</nowiki>  subjectAltName: host "mail.domain.tld" matched cert's "mail.domain.tld" | |||
| <nowiki>*</nowiki>  issuer: C=US; O=Let's Encrypt; CN=R11 | |||
| <nowiki>*</nowiki>  SSL certificate verify ok. | |||
| </pre> | |||
| If the following error is encountered when testing the new certificate the certificate is most likely less than 2048 bits | |||
|   806B7387577F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:354 | |||
| Usually Let's Encrypt certificates are at least 2048 bits, but encountering 256 bits keys is possible. Correct by specifying the number of bits: | |||
|   certbot renew --cert-name -d domain.tld -d mail.domain.tld --apache <span style="color:red">--rsa-key-size 2048 --key-type rsa</span> | |||
Latest revision as of 08:34, 18 October 2024
Enterprise Linux 9 Minimal Install
QMT Install ('Many-Domain')
# curl -o /usr/local/bin/qt_install https://raw.githubusercontent.com/qmtoaster/scripts/master/qt_install_cos9.sh # chmod 755 /usr/local/bin/qt_install # qt_install ...installing... # toaststat
Status of toaster services send: up (pid 1323) 1517 seconds smtp: up (pid 1324) 1517 seconds submission: up (pid 1325) 1517 seconds send/log: up (pid 1316) 1517 seconds smtp/log: up (pid 1311) 1517 seconds submission/log: up (pid 1314) 1517 seconds
systemd service: clamd@scan: [ OK ] systemd service: clamav-freshclam: [ OK ] systemd service: spamassassin: [ OK ] systemd service: dovecot: [ OK ] systemd service: mariadb: [ OK ] systemd service: httpd: [ OK ] systemd service: named: [ OK ] systemd service: ntpd: [ OK ] systemd service: sshd: [ OK ] systemd service: network: [ OK ] systemd service: crond: [ OK ] systemd service: acpid: [ OK ] systemd service: atd: [ OK ] systemd service: autofs: [ OK ] systemd service: smartd: [ OK ] systemd service: irqbalance: [ OK ] (Multiple processors only)
# conntest Enter a valid remote email account to which QMT will send mail: <email address> IMAPS: postmaster@domain.tld --> success Submission: postmaster@domain.tld --> success SMTPS: postmaster@domain.tld --> success
Scanners Many Domain Install (Alias Domain) Qmail-1.03-3.3.11 (OpenSSL3) Patches applied
Install certificate
Certificate *Note: The certificate must be 2048 bits or more
Test certificate
# curl --verbose smtps://mail.domain.tld # curl --verbose imaps://mail.domain.tld
or
# openssl s_client mail.domain.tld:465 # openssl s_client mail.domain.tld:993
* Server certificate: * subject: CN=mail.domain.tld * start date: Jul 30 09:16:16 2024 GMT * expire date: Oct 28 09:16:15 2024 GMT * subjectAltName: host "mail.domain.tld" matched cert's "mail.domain.tld" * issuer: C=US; O=Let's Encrypt; CN=R11 * SSL certificate verify ok.
If the following error is encountered when testing the new certificate the certificate is most likely less than 2048 bits
806B7387577F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:ssl/record/ssl3_record.c:354
Usually Let's Encrypt certificates are at least 2048 bits, but encountering 256 bits keys is possible. Correct by specifying the number of bits:
certbot renew --cert-name -d domain.tld -d mail.domain.tld --apache --rsa-key-size 2048 --key-type rsa