Kopano ICAL doesnt work
i try to turn ICAL download over HTTPS on my Kopano Server.
I try to rename “ical_listen:*8080” to “icals_listen:*8443” but after restart the kopano-ical service it fails.
The log from the ical-service tells me that the address is already in use.
Where is the fault?
2020-06-03T15:43:33.241309: [=======] Starting kopano-ical version 8.7.85 (pid 15024 uid 0) 2020-06-03T15:43:33.241696: [error ] K-1559: bind 0.0.0.0:8443: Address already in use 2020-06-03T15:43:33.241732: [error ] K-1559: bind [::]:8443: Address already in use 2020-06-03T15:47:29.316061: [=======] Starting kopano-ical version 8.7.85 (pid 15658 uid 0) 2020-06-03T15:47:29.332057: [=======] Starting kopano-ical version 8.7.85 (pid 15658 uid 992)
Hello @nils50122 ,
please check with the following command which service on your system already uses port 8443.
netstat -tulpen | grep :8443
> netstat -tulpen | grep :8443 tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 0 762791635 21052/config tcp6 0 0 :::8443 :::* LISTEN 0 762791637 21052/config
Hi @nils50122 ,
on your system a different service is bind to port 8443. Maybe Tomecat, Spamassassin, Dovecot,…
You should check what service this is.
ps -ef | grep 21052 | grep -v grep
…gives you more details about your config-process (PID #21052) which uses port 8443.
There runs a Plesk Webserver.
Can i change the port from 8443 for example to 8444 in ical config?
Is it required to give the user “ical rights” or some other? The Adminiration Guide is not so helpful on ICAL config.
Hi @nils50122 ,
changing the suggested port from 8443 to 8444 is possible and you do not need to set special “ical rights” to your Kopano-User.
root@mail:/etc/kopano# tail -f /var/log/kopano/ical.log 2020-06-09T07:18:24.127017: [debug ] Reexecing /usr/sbin/kopano-ical 2020-06-09T07:18:24.140733: [=======] Starting kopano-ical version 8.7.85 (pid 24023 uid 992) 2020-06-09T07:18:24.140837: [info ] Coredump status left at system default. 2020-06-09T07:18:24.141033: [info ] Re-using fd 5 for 0.0.0.0%lo:8080 2020-06-09T07:18:24.141059: [info ] Re-using fd 6 for [::]%lo:8080 2020-06-09T07:18:24.141152: [info ] Re-using fd 7 for 0.0.0.0:8444 2020-06-09T07:18:24.141194: [info ] Re-using fd 8 for [::]:8444 2020-06-09T07:18:24.141212: [error ] ECChannel::HrSetCtx(): cannot open key file 2020-06-09T07:18:24.141225: [error ] Error loading SSL context, ICALS will be disabled: call failed (80004005) 2020-06-09T07:18:24.142697: [info ] Logger process started on pid 24026
I get an SSL error.
I try everything, copy the both certificates from letsencrypt to /etc/kopano/gateway/cert.pem and privkey.pem and give the user kopano rights to access it. but it doesnt work.
Anyone has an idea?
I change the owner of both cert files and now there are no ssl erros.
When i try to open the urls:
https://domain:8444/caldav/user there comes an timeout (no log entry in ical.log)
https://domain:8444/caldav there comes an timeout (no log entry in ical.log)
https://domain:8444/ical there comes an timeout (no log entry in ical.log)
Same with http and port 8080, timeout and no log entry.
What goes wrong there?
Hello @nils50122 ,
have you made an internal test?
You can also check from another another (internal) computer with:
nc -v -z hostname-or-ip-address 8444
Should result: “Connection to localhost 8444 port [tcp/*] succeeded!”
Maybe temporarily increasing the log-level in /etc/kopano/ical.cfg will also give you more hints.