Get the most out of your Centmin Mod LEMP stack
Become a Member

Upgrade Problems with curl update for TLS 1.2 support.

Discussion in 'Install & Upgrades or Pre-Install Questions' started by redbird, Mar 7, 2018.

  1. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
    Hi.

    Let me describe the problem from the beginning.

    We have 2 centminmod VPS's (1 stable, 1 beta centmin).
    Each has wordpress running with memberpress plugin that accepts stripe payments.

    We got an email from stripe that they will be dropping support for TLS 1.0 soon and that we need to upgrade to TLS 1.2

    Memberpress support said that we need to update curl on our server to the latest in order to support TLS 1.2

    I checked both VPS the curl is very outdated (7.19 and 7.29)

    There are no mentioning in the forum about this issue, so we tried to follow these instructions: How to update cURL to the latest version

    However the update fails due to some repository priority protections:

    Code:
    [15:43]# yum install curl
    Loaded plugins: fastestmirror, priorities, security, versionlock
    Setting up Install Process
    Loading mirror speeds from cached hostfile
     * base: mirror.genesisadaptive.com
     * city-fan.org: www.city-fan.org
     * epel: epel.mirror.constant.com
     * extras: mirror.genesisadaptive.com
     * rpmforge: mirror.us.leaseweb.net
     * updates: mirror.genesisadaptive.com
    2050 packages excluded due to repository priority protections
    Package curl-7.19.7-53.el6_9.x86_64 already installed and latest version
    Nothing to do
    
    Please advise on how to update curl to the latest.
     
  2. pamamolf

    pamamolf Well-Known Member

    3,108
    294
    83
    May 31, 2014
    Ratings:
    +529
    Local Time:
    8:08 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    Just run:
     
  3. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
    Yeah I found it myself and was able to update it on centminmod beta123.09.

    However there were no addons folder on my other stable version 123.08 VPS (which was not updated for years I think)

    I tried to update centminmod via 23 and it failed and deleted itself:

    Code:
    [[email protected] ~]# ls -lah addons/
    ls: cannot access addons/: No such file or directory
    [[email protected] ~]# centmin
    /usr/local/src/centminmod ~
    
    --------------------------------------------------------
    Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
    --------------------------------------------------------
                       Centmin Mod Menu
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2/5.5 & 10.x Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install ioping.sh vbtechsupport.com/1239/
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Re-install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + WP Super Cache
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 23
    --------------------------------------------------------
    
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Back to Main menu
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 1
    --------------------------------------------------------
    
    setup Centmin Mod git sourced install...
    
    download github.com centmin mod 123.08stable branch repo
    Cloning into 'centminmod'...
    fatal: unable to access 'https://github.com/centminmod/centminmod.git/': Peer re                                                                                                                                                             ports incompatible or unsupported protocol version.
    inc/updater_submenu.inc: line 45: cd: centminmod: No such file or directory
    fatal: Not a git repository (or any of the parent directories): .git
    chmod: cannot access ‘centmin.sh’: No such file or directory
    
    list all available local branches
            git branch -a
    fatal: Not a git repository (or any of the parent directories): .git
    
    list git log last commit
            git log -a
    fatal: Not a git repository (or any of the parent directories): .git
    
    to update centmin mod 123.08stable branch repo via git
            cd /usr/local/src/centminmod
            git stash
            git pull
            chmod +x centmin.sh
    
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Back to Main menu
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 3
    --------------------------------------------------------
    
    Error: you do not have git environment setup for github based updates
           run submenu option 1 to setup github environment first
    
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Back to Main menu
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 1
    --------------------------------------------------------
    
    setup Centmin Mod git sourced install...
    
    download github.com centmin mod 123.08stable branch repo
    Cloning into 'centminmod'...
    fatal: unable to access 'https://github.com/centminmod/centminmod.git/': Peer reports incompatible or unsupported protocol version.
    inc/updater_submenu.inc: line 45: cd: centminmod: No such file or directory
    fatal: Not a git repository (or any of the parent directories): .git
    chmod: cannot access ‘centmin.sh’: No such file or directory
    
    list all available local branches
            git branch -a
    fatal: Not a git repository (or any of the parent directories): .git
    
    list git log last commit
            git log -a
    fatal: Not a git repository (or any of the parent directories): .git
    
    to update centmin mod 123.08stable branch repo via git
            cd /usr/local/src/centminmod
            git stash
            git pull
            chmod +x centmin.sh
    
    --------------------------------------------------------
            Centmin Mod Updater Sub-Menu
    --------------------------------------------------------
    1). Setup Centmin Mod Github Environment
    2). Update Centmin Mod Current Branch
    3). Update Centmin Mod Newer Branch
    4). Back to Main menu
    --------------------------------------------------------
    Enter option [ 1 - 4 ] 4
    --------------------------------------------------------
    --------------------------------------------------------
    Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
    --------------------------------------------------------
                       Centmin Mod Menu
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2/5.5 & 10.x Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install ioping.sh vbtechsupport.com/1239/
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Re-install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + WP Super Cache
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 24
    --------------------------------------------------------
    
    --------------------------------------------------------
    Please bookmark:
    --------------------------------------------------------
    ###############################################################
    * Getting Started Guide - http://centminmod.com/getstarted.html
    * Find the latest Centmin Mod version - http://centminmod.com
    * Centmin Mod FAQ - http://centminmod.com/faq.html
    * Change Log - http://centminmod.com/changelog.html
    * Google+ Page latest news http://centminmod.com/gpage
    * Community Forums https://community.centminmod.com (signup)
    ###############################################################
    # Cheap VPS Hosting at Digitalocean
    # https://www.digitalocean.com/?refcode=c1cb367108e8
    ###############################################################
    You have new mail in /var/spool/mail/root
    [[email protected] ~]# cd /usr/local/src/centminmod
    -bash: cd: /usr/local/src/centminmod: No such file or directory
    [[email protected] ~]# cd /usr/local/src
    [[email protected] src]# ls -la
    total 56020
    drwxr-xr-x  2 root root     4096 Mar  6 12:14 .
    drwxr-xr-x 17 root root     4096 Sep 20  2015 ..
    -rw-r--r--  1 root root 57294049 Sep 20  2015 123.08stable.zip
    [[email protected] src]# centmin
    /usr/bin/centmin: line 2: pushd: /usr/local/src/centminmod: No such file or directory
    bash: centmin.sh: No such file or directory
    You have new mail in /var/spool/mail/root
    
    Please need help ASAP!!!
     
  4. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
     
  5. pamamolf

    pamamolf Well-Known Member

    3,108
    294
    83
    May 31, 2014
    Ratings:
    +529
    Local Time:
    8:08 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    It will be better to use latest Centminmod beta as has all latest development tricks :)

    It is very stable as the beta tag is related to the waiting from eva2000 to update the site documentation and not the code itself as most of us here use it with no issues :)
     
    • Agree Agree x 2
  6. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Both CentOS/Redhat 7.4 and 6.9 should work fine with TLS 1.2 with curl 7.19 latest in CentOS 6.9 and curl 7.29 in CentOS 7.4 without needing to update as RHEL/CentOS backport changes into their curl version without changing version numbers. Just make sure you're on CentOS 6.9 or 7.4 as earlier versions might not have backported such changes in their curl versions. CentOS 6.8 definitely isn't updated like 6.9 is.

    So not you don't need to run /usr/local/src/centminmod/addons/customcurl.sh. But if you want to, only latest 123.09beta01 has support for /usr/local/src/centminmod/addons/customcurl.sh and yes 123.09beta01 is very stable - it's only beta waiting on me to update all site and forum documentation for 123.09beta01's changes which will take a long time as I only work on centmin mod in my spare time.

    Upgrading Centmin Mod involves 2 parts.
    1. Upgrading the actual Centmin Mod code outlined at Upgrade Centmin Mod. This is heart of Centmin Mod where the code is the engine that runs centmin.sh shell based menu and all the automation you're accustomed to. You can easily update within a Centmin Mod version branch or switch version branches via centmin.sh menu option 23 outlined here. So in your case using centmin.sh menu option 23 submenu option 3 and selecting 123.09beta01 branch switch
    2. Upgrade software that Centmin Mod installed or manages. For this part following outline at How to upgrade Centmin Mod software installed on your server. Then exist centmin.sh after switching branches and then re-run centmin.sh menu options 4, 5 and 10 at least to update nginx, php and memcached to 123.09beta01 versions. For nginx and php specify the same versions you used before if you want.
     
  7. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    hmm that's due to Github dropping TLS 1.1 and TLS 1.0 support i think Weak cryptographic standards removal notice

    at least make srue you're on CentOS 6.9 or 7.4 as older versions don't have Git clients that support TLS v1.2

    will have to figure something out
     
  8. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  9. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
    George, so what are the steps to restore centminmod in my case? Please see post #3

    It's centos 7.1 on this particular vps.
     
  10. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    2 steps

    step 1. update centos 7.4 via yum -y update which will also update git and curl versions and reboot server
    step 2. clean replacement of centmin mod via git clone commands

    replace branchname with branch you want either 123.08stable or 123.09beta01
    Code (Text):
    branchname=123.09beta01
    cd /usr/local/src
    rm -rf centminmod*
    git clone -b ${branchname} --depth=1 https://github.com/centminmod/centminmod.git centminmod
    cd centminmod
    ./centmin.sh
     
    • Winner Winner x 1
  11. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
    @eva2000 I updated centos just fine to 7.4 but having troubles with your command:

    Code:
    [[email protected] src]# git clone -b $123.09beta01 --depth=1 https://github.com/centminmod/centminmod.git centminmod
    Cloning into 'centminmod'...
    warning: Could not find remote branch 23.09beta01 to clone.
    fatal: Remote branch 23.09beta01 not found in upstream origin
    Unexpected end of command stream
    [[email protected] src]# git clone -b ${123.09beta01} --depth=1 https://github.com/centminmod/centminmod.git centminmod
    -bash: ${123.09beta01}: bad substitution
    [[email protected] src]#
    
     
  12. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
    ok got it. It should be just:

    Code:
    git clone -b 123.09beta01 --depth=1 https://github.com/centminmod/centminmod.git centminmod
     
  13. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    yeah no $ in front of 123.09beta01
     
    • Like Like x 1
  14. redbird

    redbird Member

    63
    9
    8
    Aug 28, 2015
    Web
    Ratings:
    +16
    Local Time:
    3:08 PM
    Thanks for the help. Updated centos, reinstalled centmin, then upgraded curl via yum and recompiled php.

    Now lets see if stripe will be using tls 1.2
     
    • Like Like x 1
  15. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Does Stripe have any TLSv1.2 testing php script you can use too ?
     
  16. pamamolf

    pamamolf Well-Known Member

    3,108
    294
    83
    May 31, 2014
    Ratings:
    +529
    Local Time:
    8:08 AM
    Nginx-1.13.x
    MariaDB 10.1.x
    My servers report:
    and
    Am i ok? :)
     
  17. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  18. Jon Snow

    Jon Snow Active Member

    365
    59
    28
    Jun 30, 2017
    Ratings:
    +87
    Local Time:
    2:08 AM
    Nginx 1.13.9
    MariaDB 10.1.31
    Mine says 7.4.1708 too.

    Couldn't find anything :
    Code (Text):
    yum -y update
    Loaded plugins: fastestmirror, priorities, versionlock
    Loading mirror speeds from cached hostfile
     * base: mirrors.linode.com
     * epel: fedora-epel.mirrors.tds.net
     * extras: mirrors.linode.com
     * rpmforge: mirror.us.leaseweb.net
     * updates: mirrors.linode.com
    224 packages excluded due to repository priority protections
    No packages marked for update
     
  19. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:08 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah as the links says solution is to update to CentOS 6.9 or 7.4 so if you're on 7.4 with latest yum updates you should be fine.
     
  20. Jon Snow

    Jon Snow Active Member

    365
    59
    28
    Jun 30, 2017
    Ratings:
    +87
    Local Time:
    2:08 AM
    Nginx 1.13.9
    MariaDB 10.1.31
    Ah. I thought we had to update to 6.9 or 7.4 then run the command to check for updates to update.
     
..