Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

[CPANEL-23772] Pure-FTPd Couldn't load the DH parameters file

Discussion in 'General Discussion' started by Spirogg, Feb 21, 2018.

Tags:
  1. Spirogg

    Spirogg Active Member

    Joined:
    Feb 21, 2018
    Messages:
    27
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    chicago
    cPanel Access Level:
    Root Administrator
    hi, I just installed WHM/Cpanel on my server : Centos 7

    when I go to Home >> Service Configuration >> FTP Server Selection

    I selected Pure-FTPD and hit Save

    then I got these errors in the logs below.

    I get 2 errors I am not sure how to fix these issues?

    Feb 21 03:02:14 server.xxxxx.com systemd[1]: tailwatchd.service: Supervising process 11108 which is not our child. We'll most likely not notice when it exits.

    Feb 21 03:02:16 server.xxxxx.com pure-ftpd[11312]: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem

    here is log
    Code:
    
    FTP Configuration
    Installing new FTP server.
    Disabling Chksrvd monitoring
    Waiting for “tailwatchd” to restart ………waiting for “tailwatchd” to initialize ………finished.
    
    Service Status
    tailwatchd (tailwatchd) is running as root with PID 11108 (systemd+/proc check method).
    tailwatchd (tailwatchd) running as root with PID 11108 (process table check method)
    tailwatchd (tailwatchd) running as root with PID 11108 (process table check method)
    
    Startup Log
    Feb 21 03:02:14 server.xxxxx.com systemd[1]: Starting tailwatchd...
    Feb 21 03:02:14 server.xxxxx.com restartsrv_tailwatchd[11101]: [Wed Feb 21 03:02:14 2018] Starting /usr/local/cpanel/libexec/tailwatch/tailwatchd daemon
    Feb 21 03:02:14 server.xxxxx.com restartsrv_tailwatchd[11101]: Log is at /usr/local/cpanel/logs/tailwatchd_log
    Feb 21 03:02:14 server.xxxxx.com systemd[1]: tailwatchd.service: Supervising process 11108 which is not our child. We'll most likely not notice when it exits.
    Feb 21 03:02:14 server.xxxxx.com systemd[1]: Started tailwatchd.
    
    Startup Log
    Feb 21 03:02:14 server.xxxxx.com systemd[1]: Starting tailwatchd...
    Feb 21 03:02:14 server.xxxxx.com restartsrv_tailwatchd[11101]: [Wed Feb 21 03:02:14 2018] Starting /usr/local/cpanel/libexec/tailwatch/tailwatchd daemon
    Feb 21 03:02:14 server.xxxxx.com restartsrv_tailwatchd[11101]: Log is at /usr/local/cpanel/logs/tailwatchd_log
    Feb 21 03:02:14 server.xxxxx.com systemd[1]: tailwatchd.service: Supervising process 11108 which is not our child. We'll most likely not notice when it exits.
    Feb 21 03:02:14 server.xxxxx.com systemd[1]: Started tailwatchd.
    
    tailwatchd restarted successfully.
    
    Halting pure-ftpd
    
    Disabling pure-ftpd in init system
    
    Switching FTP server to pure-ftpd
    
    Updating FTP related RPMs
    
    Enabling pure-ftpd in init system
    Waiting for “pureftpd” to start ……waiting for “pureftpd” to initialize ………finished.
    
    Service Status
    pure-ftpd (pure-ftpd (SERVER)) is running as root with PID 11312 (systemd+/proc check method).
    
    Startup Log
    Feb 21 03:02:16 server.xxxxx.com systemd[1]: Started Pure-FTPd.
    Feb 21 03:02:16 server.xxxxx.com systemd[1]: Starting Pure-FTPd...
    Feb 21 03:02:16 server.xxxxx.com pure-ftpd[11312]: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem
    
    pureftpd started successfully.
    Startup Log
    Feb 21 03:02:16 server.xxxxx.com systemd[1]: Started Pure-FTPd.
    Feb 21 03:02:16 server.xxxxx.com systemd[1]: Starting Pure-FTPd...
    Feb 21 03:02:16 server.xxxxx.com pure-ftpd[11312]: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem
    
    pureftpd started successfully.
    1
    Enabling chksrvd monitoring
    Waiting for “tailwatchd” to restart ………waiting for “tailwatchd” to initialize ………finished.
    
    Service Status
    tailwatchd (tailwatchd) is running as root with PID 11337 (systemd+/proc check method).
    tailwatchd (tailwatchd) running as root with PID 11337 (process table check method)
    tailwatchd (tailwatchd) running as root with PID 11337 (process table check method)
    
    Startup Log
    Feb 21 03:02:17 server.xxxxx.com systemd[1]: Starting tailwatchd...
    Feb 21 03:02:18 server.xxxxx.com restartsrv_tailwatchd[11332]: [Wed Feb 21 03:02:18 2018] Starting /usr/local/cpanel/libexec/tailwatch/tailwatchd daemon
    Feb 21 03:02:18 server.xxxxx.com restartsrv_tailwatchd[11332]: Log is at /usr/local/cpanel/logs/tailwatchd_log
    Feb 21 03:02:18 server.xxxxx.com systemd[1]: tailwatchd.service: Supervising process 11337 which is not our child. We'll most likely not notice when it exits.
    Feb 21 03:02:18 server.xxxxx.com systemd[1]: Started tailwatchd.
    
    Startup Log
    Feb 21 03:02:17 server.xxxxx.com systemd[1]: Starting tailwatchd...
    Feb 21 03:02:18 server.xxxxx.com restartsrv_tailwatchd[11332]: [Wed Feb 21 03:02:18 2018] Starting /usr/local/cpanel/libexec/tailwatch/tailwatchd daemon
    Feb 21 03:02:18 server.xxxxx.com restartsrv_tailwatchd[11332]: Log is at /usr/local/cpanel/logs/tailwatchd_log
    Feb 21 03:02:18 server.xxxxx.com systemd[1]: tailwatchd.service: Supervising process 11337 which is not our child. We'll most likely not notice when it exits.
    Feb 21 03:02:18 server.xxxxx.com systemd[1]: Started tailwatchd.
    
    tailwatchd restarted successfully.
    
    FTP server conversion complete
    
    
    Thanks if anyone can explain why its throwing these errors and how to fix them

    Spiro
     
    #1 Spirogg, Feb 21, 2018
    Last edited by a moderator: Feb 21, 2018
  2. Spirogg

    Spirogg Active Member

    Joined:
    Feb 21, 2018
    Messages:
    27
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    chicago
    cPanel Access Level:
    Root Administrator
    Also when restarting FTP i get this error

    Restarting FTP Server

    Waiting for “pureftpd” to restart ………waiting for “pureftpd” to initialize ………finished.

    Service Status
    pure-ftpd (pure-ftpd (SERVER)) is running as root with PID 19769 (systemd+/proc check method).

    Startup Log
    Feb 21 03:29:51 server.xxxx.com systemd[1]: Started Pure-FTPd.
    Feb 21 03:29:51 server.xxxx.com systemd[1]: Starting Pure-FTPd...
    Feb 21 03:29:51 server.xxxx.com pure-ftpd[19769]: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem

    Startup Log
    Feb 21 03:29:51 server.xxxx.com systemd[1]: Started Pure-FTPd.
    Feb 21 03:29:51 server.xxxx.com systemd[1]: Starting Pure-FTPd...
    Feb 21 03:29:51 server.xxxx.com pure-ftpd[19769]: (?@?) [DEBUG] Couldn't load the DH parameters file /etc/ssl/private/pure-ftpd-dhparams.pem

    pureftpd restarted successfully.
     
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,937
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    1. Try running the following commands to see if it solves this issue (note this can take several minutes to complete):

    Code:
    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 3072
    /scripts/restartsrv_pureftpd
    2. As far as tailwatchd, the restart should have solved that issue. If not, please open a separate forums thread and include the output from the following command:

    Code:
    ps aux|grep tailwatch
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Spirogg

    Spirogg Active Member

    Joined:
    Feb 21, 2018
    Messages:
    27
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    chicago
    cPanel Access Level:
    Root Administrator
    hi ok thanks for this code

    it solved the one issue
    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
    /scripts/restartsrv_pureftpd

    i posted another thread for the other issue here

    just incase someone else has this issue

    Spiro
     
    cPanelMichael likes this.
  5. Spirogg

    Spirogg Active Member

    Joined:
    Feb 21, 2018
    Messages:
    27
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    chicago
    cPanel Access Level:
    Root Administrator

    Hello,

    I have a quick Question would we have better security if we were to use

    Code:
    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 4096
    /scripts/restartsrv_pureftpd
    or is there a reson why you suggest

    Code:
    openssl dhparam -out /etc/ssl/private/pure-ftpd-dhparams.pem 2048
    /scripts/restartsrv_pureftpd

    just wondering, also why is this still an issue with a fresh install of cPanel ?can you guys fix this so we dont have to do this everytime we install cPanel ?


    thanks so much in advance,

    Spiro
     
  6. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    45,214
    Likes Received:
    1,937
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @Spirogg,

    2048 was recommended in order to suppress the warning message and generate the parameters as quickly as possible. However, in order to provide 128-bit security, which is the lower bound for adequate security, Diffie-Hellman parameters should be at least 3072 bits in size. I've updated my previous post to reflect this.

    We stopped generating the Diffie-Hellman parameters at compile time in cPanel & WHM version 56 due to a lack of compatibility with Java version 8 (Java 8 doesn't support parameters larger than 2048 bits in size). Since it's been some time since that change was made, I've opened internal case CPANEL-23772 to explore suppressing this warning message when Pure-FTPd starts, or generating the Diffie-Hellman parameters at compile time again. I'll monitor this case and update this thread with more information as it becomes available.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Spirogg

    Spirogg Active Member

    Joined:
    Feb 21, 2018
    Messages:
    27
    Likes Received:
    3
    Trophy Points:
    3
    Location:
    chicago
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice