Hello everyone, I'm having a problem with my setup that I will be very grateful to acquire some assistance with troubleshooting

I have been trying to set up a mailserver on a linode. This is basically my first time attempting to set something like this up. I'm very new to all this.

After reading through the linode library, it seemed like a good idea to set up Citadel as the mailserver and then put Squirrelmail overtop of it to access the emails. However I ran into some problems.

I started by following this guide

http://library.linode.com/email/citadel ... 0.04-lucid

It is on a domain of classicneighbourhoods.com . At the end of the guide I expected to see the Citadel panel at https://classic.classicneighbourhoods.com as per the setup. This however was giving a page not found error.

Things of note in terms of deviations from the guide is that the following two items were not there as the instructions said they would be:

- /usr/share/citadel-server/messages/hello (the whole messages directory does not seem to be there)

- etc/mailname (I added this in manually though and put in the values as instructed)

I changed the ports in the Citadel setup to 8080 for HTTP or 4343 for HTTPS as per instructions at the top of the guide for situations where the mailserver is running alongside an apache2 webserver.

The installation of Citadel as per the guide proceeded as planned and no errors were given. Citadel responds to restart and other commands as expected.

At this point I contacted support and was instructed to add an A record (which was missing) for the classic.classicneighbourhoods.com domain. I did this , but to no luck

classic.classicneighbourhoods.com resolves to the public_html folder when entered without https:// . When entered with Https:// it got a page not found.

Again I contacted support and they instructed me to enable ssl. So I did.. I ran the command to start the ssl module and that worked correctly.

Now when I go to https://classic.classicneighbourhoods.com domain it gives the following error:

An error occurred during a connection to classic.classicneighbourhoods.com.

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

At this point I am stuck. A linode support agent directed me to take a look at the following stack overflow thread on a similar sounding issue

http://stackoverflow.com/questions/1193 ... apache-ssl

However, being rather new at this, I feel completly over my head in attempting to apply what is being discussed in that thread to how to fix my problem here.

I would appreciate any help in the matter.

p.s I know posting a cry for help as the first post on a forum is generally bad etiquette and I feel bad about this. In this regard, hello to everyone, I hope to continue using linode to host websites in the future and being a part of your community. If all goes well maybe one day I can help others as well after I wisen up a lot.

I had no serious issues that I can recall with Citadel. It sounds like maybe there is some confusion in routing between the Apache and the Citadel ports.

Try stopping Apache for a test, hit the URLs that you think should be valid for Citadel.

Citadel runs its own Apache installation if IIRC so just make sure the two do not conflict.

Then again you might be trying to set it up differently than I did.

Good luck.

Hey jebblue, thank you for your reply

I stopped Apache then gave the htts://classic.classicneighbourhoods.com domain a run, but then it just gave the page not found reply in the same way as every other domain on the server with Apache down.

Not sure if that tells anything about what the setup issue may be or conflicts that might exist.

zoidberg:~ peter$ openssl s_client -connect classic.classicneighbourhoods.com:443
CONNECTED(00000003)
96611:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:604:
zoidberg:~ peter$

Either the SSLEngine isn't running correctly or it is not configured for this virtual host. The ssl_error_rx_record_too_long message is commonly caused by Firefox looking for an SSL response and choking on HTML. Check your Apache logs for errors.

_________________
/ Peter

In the apache2/error.log file it has this for each time I tried accessing that url

Invalid method in request \x16\x03\x01

Not really sure what this means in regards to ssl configuration though.

This explains it.

_________________
/ Peter

Ah, that does explain it... and the issue seems to be as you were saying as well. I did the telnet to port 443 test as on that page and it does indeed return HTML.

I tried changing _default_ to the ip address in the apache2/sites-available/default-ssl file as per what I think the instructions on that page were saying, but that does not seem to have changed anything. Not sure if I am going after the wrong file here, but I could not find the conf/extra/httpd-ssl.conf file referenced in the article, and the default-ssl file seems to have matching information.

There's Citadel which is the email server and there's Webcit which is their Web Interface.

All the config files I think should be at /etc/citadel.

The one that controls Webcit stuff is called webcit.conf. As far as an SSL port, my Webcit server is not accessible from the outside, if I wanted to make it so I would consider using Apache's Proxy forwarding like so:

in my /etc/apache2/conf.d/<pickyoursslfilename>.conf have the following pair:

ProxyPass /webcit http://127.0.0.1:8504/webcit
ProxyPassReverse /webcit http://127.0.0.1:8504/webcit

There might need to be a trailing slash.

This would use your regular Apache to fornt-end the Webcit instance and allow you to use one SSL certificate since the Webcit traffic is getting proxied through the main Apache server.

That approach can be used with any backend server that serve web content, Tomcat, a Ruby server, etc, front end it with Apache and you only need one certificate or only need to configure the certificate in one place anyway.

I keep thinking this is something to do with the ports its accessing... since Apache2 is running on the same server. Ie in the setup of Citadel I put in port 4343 for SSL, but I'm thinking there is a problem somewhere along the lines.

When I go to just http://classic.classicneighbourhoods.com it reads the html from the public_html folder that classicneighbourhoods.com domain is linked to. Perhaps it is not routing correctly and bringing up the same info in the https as well.

On this site it mentions to test port 443, but I figure in my case it should be port 4343, though I cannot connect to it through telnet as per that style test.

In the method you have reccomended, what does the file under

/etc/apache2/conf.d/<pickyoursslfilename>.conf

need to be called? Do I put in any name for the ssl filename or does it have to be something specific to the setup?

Again thank you for your help everyone. I'm trying to learn as I go here but Im still quite new to setting up a mailserver like this.

Ok, got this solved.

Not sure if its the absolutely best solution but it seems to have worked.

Stopped Apache from listening to port 443, and reconfigured Citadel away from 4343 to listen to port 443 instead, and all seems to have worked out thus far.

Continuing with email setup now, hopefully the rest goes smooth.

Thanks for input everyone.