Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx - own certificates with your own CA #3718

Closed
ggadmin1 opened this issue Jan 22, 2024 · 7 comments
Closed

Nginx - own certificates with your own CA #3718

ggadmin1 opened this issue Jan 22, 2024 · 7 comments

Comments

@ggadmin1
Copy link

Hello everyone,

We have our own CA in the domain and I would like to deposit my own certificate for Freescout.

We only use the ticket system internally. Do you have instructions on what I have to do?

PHP version: PHP 8.1.2-1ubuntu2.14
FreeScout version: 1.8.118
Database: Mysql (8.0.35-0ubuntu0.22.04.1)
Are you using CloudFlare: No
@7ergei
Copy link

7ergei commented Jan 22, 2024

I've same purpose of using the system and here is probably not the most detailed but informative guide I've documented to myself of "how-to":

Installation done:

Ubuntu 22.04 installed.

Configured Name & IP (https://tecadmin.net/how-to-configure-static-ip-address-on-ubuntu-22-04/),
sudo hostnamectl set-hostname fshdesk
hostname
sudo nano /etc/netplan/01-netcfg.yaml
sudo netplan apply

Installed Freescout via github installation procedure with ubuntu.sh script.
nano /etc/nginx/sites-available/test123.com
ln -s /etc/nginx/sites-available/test123.com /etc/nginx/sites-enabled/
nginx -t
systemctl restart nginx

Created self-signed certificate and all around SSL - https://www.techrepublic.com/article/how-to-enable-ssl-on-nginx/
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt

SSL config:
sudo nano /etc/nginx/snippets/self-signed.conf

In that file added following contents:
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;

New file:
sudo nano /etc/nginx/snippets/ssl-params.conf

Added following contents:

ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off; # Requires nginx >= 1.5.9
# ssl_stapling on; # Requires nginx >= 1.3.7
# ssl_stapling_verify on; # Requires nginx => 1.3.7
resolver 172.25.0.5 10.3.10.39 valid=300s;
resolver_timeout 5s;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

Generate dhparam.pem
sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

Creating Virtual Host:
sudo nano /etc/nginx/sites-available/test123.com
sudo systemctl restart nginx

Config MySQL DB:
mysql -v
CREATE USER 'blahblahblah'@'localhost' IDENTIFIED BY 'se7enFeb';
GRANT ALL ON . TO 'blahblahblah'@'localhost';

Config permissions:
sudo chown -R www-data:www-data /var/www/html

*Begin the web-setup, and if needed create additional Admin user (if you can’t login after the web-setup completed on initial login!).
sudo -E -u www-data php /var/www/html/artisan freescout:create-user --role admin --firstName Second --lastName Admin --email blahblahblah@test123.com --password 12345678 --no-interaction

Menu not working – fixed:
php /var/www/html/artisan storage:link

@ggadmin1
Copy link
Author

Hello,

first of all thank you for your help.
I've managed so far with the certificates.

The only problem I have now is that when I open the page it looks like this:

image

Do I need to adjust something here now?

System previously ran over http

@7ergei
Copy link

7ergei commented Jan 23, 2024

I've had the same, but could not found a solution so just re-installed with https as initial setup.

@ggadmin1
Copy link
Author

ggadmin1 commented Jan 23, 2024
edited
Loading

Hello 7ergei,

thanks for your support.

However, there should be a way to switch it back here.

@SupportTeam:
Do you know where you need to adjust something here?

@ggadmin1
Copy link
Author

@7ergei:

I found it:

find /var/www/html/ -type f -exec sed -i 's/http:/https:/g' {} ;

So it will works!

@ggadmin1 ggadmin1 reopened this Jan 23, 2024
@ggadmin1
Copy link
Author

ggadmin1 commented Jan 23, 2024
edited
Loading

@freescout-helpdesk:
So in principle freescout would work again.

However, when we want to open tickets we get an error message. I looked these up in the log:

[2024-01-23 09:41:21] production.ERROR: unserialize(): Error at offset 43244 of 43249 bytes (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) {"userId":2,"email":"","exception":"[object] (ErrorException(code: 0): unserialize(): Error at offset 43244 of 43249 bytes (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) at /var/www/html/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php:73, ErrorException(code: 0): unserialize(): Error at offset 43244 of 43249 bytes (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) at /var/www/html/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php:73, ErrorException(code: 0): unserialize(): Error at offset 43244 of 43249 bytes (View: /var/www/html/resources/views/conversations/partials/thread.blade.php) at /var/www/html/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php:73, ErrorException(code: 0): unserialize(): Error at offset 43244 of 43249 bytes at /var/www/html/vendor/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php:73)
[stacktrace]
#0 /var/www/html/vendor/laravel/framework/src/Illuminate/View/Engines/PhpEngine.php(45): Illuminate\View\Engines\CompilerEngine->handleViewException()
#1 /var/www/html/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(59): Illuminate\View\Engines\PhpEngine->evaluatePath()
#2 /var/www/html/overrides/laravel/framework/src/Illuminate/View/View.php(137): Illuminate\View\Engines\CompilerEngine->get()
#3 /var/www/html/overrides/laravel/framework/src/Illuminate/View/View.php(120): Illuminate\View\View->getContents()
#4 /var/www/html/overrides/laravel/framework/src/Illuminate/View/View.php(85): Illuminate\View\View->renderContents()
#5 /var/www/html/vendor/laravel/framework/src/Illuminate/Http/Response.php(42): Illuminate\View\View->render()
#6 /var/www/html/overrides/symfony/http-foundation/Response.php(206): Illuminate\Http\Response->setContent()
#7 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(724): Symfony\Component\HttpFoundation\Response->__construct()
#8 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(698): Illuminate\Routing\Router::toResponse()
#9 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(658): Illuminate\Routing\Router->prepareResponse()
#10 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Routing\Router->Illuminate\Routing\{closure}()
#11 /var/www/html/app/Http/Middleware/CustomHandle.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#12 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\CustomHandle->handle()
#13 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#14 /var/www/html/app/Http/Middleware/FrameGuard.php(14): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#15 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\FrameGuard->handle()
#16 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#17 /var/www/html/app/Http/Middleware/LogoutIfDeleted.php(28): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#18 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\LogoutIfDeleted->handle()
#19 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#20 /var/www/html/app/Http/Middleware/Localize.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#21 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\Localize->handle()
#22 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#23 /var/www/html/app/Http/Middleware/HttpsRedirect.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#24 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\HttpsRedirect->handle()
#25 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#26 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#27 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Routing\Middleware\SubstituteBindings->handle()
#28 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#29 /var/www/html/overrides/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(45): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#30 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Auth\Middleware\Authenticate->handle()
#31 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#32 /var/www/html/overrides/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(67): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#33 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\VerifyCsrfToken->handle()
#34 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#35 /var/www/html/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#36 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\View\Middleware\ShareErrorsFromSession->handle()
#37 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#38 /var/www/html/app/Http/Middleware/TokenAuth.php(32): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#39 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\TokenAuth->handle()
#40 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#41 /var/www/html/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(63): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#42 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Session\Middleware\StartSession->handle()
#43 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#44 /var/www/html/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#45 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle()
#46 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#47 /var/www/html/overrides/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(61): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#48 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Cookie\Middleware\EncryptCookies->handle()
#49 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#50 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#51 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(660): Illuminate\Pipeline\Pipeline->then()
#52 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(635): Illuminate\Routing\Router->runRouteWithinStack()
#53 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(601): Illuminate\Routing\Router->runRoute()
#54 /var/www/html/overrides/laravel/framework/src/Illuminate/Routing/Router.php(590): Illuminate\Routing\Router->dispatchToRoute()
#55 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch()
#56 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}()
#57 /var/www/html/app/Http/Middleware/TerminateHandler.php(12): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#58 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\TerminateHandler->handle()
#59 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#60 /var/www/html/app/Http/Middleware/ResponseHeaders.php(11): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#61 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): App\Http\Middleware\ResponseHeaders->handle()
#62 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#63 /var/www/html/vendor/fideloper/proxy/src/TrustProxies.php(56): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#64 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Fideloper\Proxy\TrustProxies->handle()
#65 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#66 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(30): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#67 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#68 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#69 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(30): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#70 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle()
#71 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#72 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#73 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\ValidatePostSize->handle()
#74 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#75 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#76 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(149): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle()
#77 /var/www/html/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}()
#78 /var/www/html/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}()
#79 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\Pipeline\Pipeline->then()
#80 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter()
#81 /var/www/html/public/index.php(83): Illuminate\Foundation\Http\Kernel->handle()
#82 {main}
"}

Even with our admin account you can no longer find it because the error message appears.

@freescout-helpdesk freescout-helpdesk mentioned this issue Jan 23, 2024
Closed
@ggadmin1
Copy link
Author

Hello Togheter,

problem is fixed..i will close the issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@7ergei @ggadmin1