Hi, I noticed that I can log in to an email program with a simple password, even though I have two-factor authentication enabled everywhere (i.e. in Cloudron itself and in SnappyMail).
Is this a bug that you can log in just like that? After all, there are also app passwords....
U
userino
@userino
Posts
-
external email programs bypass two-factor authentication -
Can't get a new certificateI can't get a new Let's Encrypt certificate.
It gives me the following error:
cron Certificate install for XXXXX.XX failed { "domain": "XXXXX.XX", "errorMessage": "connect EHOSTUNREACH 2606:4700:60:0:f53d:5624:85c7:3a2c:443" } -
Can't get a new certificateI've talked with the support, and we could solve the problem.
However, I would like to provide a brief summary for all who are facing the same issue.
The issue was that cloudron attempted to connect with Let's Encrypt via IPv6, which, of course, didn't work out. Therefore, it couldn't get a new certificate.You can see this if you run the command:
host acme-v02.api.letsencrypt.orgdirectly in your server shell.
Then it should print something like:
acme-v02.api.letsencrypt.org is an alias for prod.api.letsencrypt.org.
prod.api.letsencrypt.org is an alias for ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com.
ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com has address 172.65.32.248
ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com has IPv6 address 2606:4700:60:0:f53d:5624:85c7:3a2cThis was the case, so I knew, that I have to disable IPv6. To do so, run:
sysctl -w net.ipv6.conf.all.disable_ipv6=1This should disable IPv6 and solve the problem.
I would like to thank Jonas from the support team, who helped me resolve the issues and also wrote all of these commands.