MESSENGERV2 needs to regenerate csf.messenger.conf on SSL changes

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Post Reply
samedwards
Junior Member
Posts: 7
Joined: 16 Mar 2017, 01:06

MESSENGERV2 needs to regenerate csf.messenger.conf on SSL changes

Post by samedwards »

With MESSENGERV2 and MESSENGER_HTTPS enabled, any time a SSL certificate path changes (which with AutoSSL could be any time the AutoSSL process runs), the csf.messenger.conf file is then pointing to a non-existant file, which causes Apache to throw a syntax error and not start.

Unfortunately, it seems like there isn't currently a cPanel hook that will always catch every instance of an SSL certificate being installed/removed/modified. This is a challenge that's overcome in a rather kludgey way by other software I've seen by monitoring for changes of the /var/cpanel/userdata/*/*_SSL files and regenerating on those. A working, but not ideal solution.

For now, I am going to disable HTTPS for MESSENGERV2 by setting MESSENGER_HTTPS_IN to "", but I think the first step in a solution here is the ability to call just the MESSENGERV2 subroutine from the command line, which could then be connected to a cPanel hook (should an appropriate one become available), or integrated with another solution.

Thanks,
Sam
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: MESSENGERV2 needs to regenerate csf.messenger.conf on SSL changes

Post by ForumAdmin »

Thank you for reporting this. We've a few ideas on how to work around this and will hopefully have a solution soon.
ForumAdmin
Moderator
Posts: 1523
Joined: 01 Oct 2008, 09:24

Re: MESSENGERV2 needs to regenerate csf.messenger.conf on SSL changes

Post by ForumAdmin »

We've implemented a workaround in v10.19:
https://blog.configserver.com/
Post Reply