KUSANAGI version upgrade details 8.0.1-2

KUSANAGI version upgrade details 8.0.1-2

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-2.

# yum update

KUSANAGI 8.0.1-1 Bug Fixes

  1. Apache configuration when kusanagi provision/setting specifies FQDN with www
  2. Kusanagi Package update issue

1. Apache configuration when kusanagi provision/setting specifies FQDN with www

If specifies www.example.com either example.com as FQDN with kusanagi provision/setting both will be set as VirtualHost, but we defined the second FQDN is not set as ServerAlias instead ServerName in Apache configuration.
In this patch, correctly set the second FQDN as ServerAlias ​​issue has been solved in this case.

2. Kusanagi Package update issue

There was a issue that yum update freezes when updating kusanagi package. In this patch , this issue has been solved.

KUSANAGI version upgrade details 8.0.1-1

KUSANAGI version upgrade details 8.0.1-1

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-1

# yum update

New features in KUSANAGI 8.0.1-1

  1. SSL Certificate Transparency is available(Only For NGINX)
  2. New feature for DH settings on SSL settings in Apache2
  3. Certbot-auto renew is available

1. SSL Certificate Transparency is available(Only For NGINX)

Certificate Transparency is a new technology to enhance the reliability of SSL / TLS proposed by Google.
Now RFC6962 is attracting attention as a new technology to prevent erroneous issuance of certificates.
Kusanagi-nginx previously supported CT, but you can enable / disable it with the option of kusanagi ssl command
kusanagi ssl --ct [on|off]

Creates a Signed Certificate Timestamp (SCT) from the SSL certificate on the configuration file, registers it on the Google site with the certificate, and enables CT with NGINX settings after run kusanagi ssl --ct on
Also, when acquiring SSL certificate of Let’s Encrypt with kusanagi provision / ssl --email, CT will be automatically on.

2. New features DH settings for Apache2 SSL settings

The DH (Diffie-Hellman) key exchange setting was set up previously in NGINX and now it’s also available to setup in Apache 2.
This setup will allow you to exchange encryption keys more securely.

3. Certbot-auto renew is available

Updates of SSL certificates acquired with Let’s Encrypt are registered in crontab for each profile and executed once every two months.
Therefore, there was a issue that the SSL certificate expires when updating the SSL certificate fails.
You can automatically update certificates those expire for SSL certificates obtained from Let’s Encrypt with certbot-auto renew option.

KUSANAGI 8.0.1-1 Bug Fixes

  1. Description error in Apache configuration file when setting ssl
  2. Active hsts will cause http response tab malfunction(Only For NGINX)
  3. Drupal8 error detect
  4. Failure in autorenewal with kusanagi provision/ssl --email
  5. Compete KUSANAGI Plugin between WP Site Manager
  6. Specified php7 have been ignored during the process kusanagi init
  7. Japanese Messages Errors

1. Description error in Apache configuration file when setting ssl

There was a problem with appending to Apache 2 configuration file when kusanagi provision/ssl --email option was specified

2. Active hsts will cause http response tab malfunction(Only For NGINX)

http response header will disappear while kusanagi ssl --hsts is active

3. Drupal8 error detect

Develop version either beta version will install while process of Drupal8 deploy with kusanagi provision --drupal8 command.

4. Failure in autorenewal with kusanagi provision/ssl --email

Autorenewal Let’s Encrypt SSL certificate cron settings was failed to auto renew when used kusanagi provision/ssl --email to get SSL certication.

5. Compete KUSANAGI Plugin between WP Site Manager

Installed WP Site Manager Plugin at same time will be influence by WP Site Manager (default installed by standard KUSANAGI installation).
However, bcache will malfunction by WP Site Manager Plugin installed.
The issues will be solve by this time KUSANAGI Plugin update with using the following command:

# kusanagi target profile
 # kusanagi update plugin

6. Specified php7 have been ignored during the process kusanagi init

php-fpm service won’t have any effective even chose php5 as option while kusanagi init running interactively.
This error won’t happen when --php5 option is choose during kusanagi init.

7. Japanese messages error

Fixed the kusanagi commands messages errors while kusanagi OS language setup in japansese.

KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

PHP7 7.0.12

Use the following command to update modules.

# yum update

KUSANAGI modules update

The modules that compose KUSANAGI have been updated. The new versions are as follows:

PHP7 7.0.12

Use the following command to update modules:
# yum update

KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

NGINX 1.11.5

Use the following command to update modules.

# yum update

KUSANAGI module update

The modules that compose KUSANAGI have been updated. The new versions are as follows:

NGINX 1.11.5

Use the following command to update modules:

# yum update

KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

openssl1.0.2j

Use the following command to update modules.

# yum update

We suggest to do upgrade version openssl-1.0.2j as fast as possible because this update includes security fixes issues.
Restart kusanagi with using command as follows when openssl-1.0.2j update is done.

# kusanagi restart

KUSANAGI version upgrade details 8.0.0-3

KUSANAGI version upgrade details 8.0.0-3

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.0-2

# yum update

The bug fixes and modifications of 8.0.0-3 are as follows.

  1. Failure in kusanagi update cert

1. Failure in kusanagi update cert

We recognize the process to get the Let’s Encrypt SSL certificate is failed while using kusanagi update cert.
We fixed this bug in KUSANAGI 8.0.0-3.

KUSANAGI version upgrade details 8.0.0-2

KUSANAGI version upgrade details 8.0.0-2

The bug fix of KUSANAGI 8.0.0 is done。
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.0-2。

# yum update

The bug fixes and modifications of 8.0.0-2 are as follows.

  1. Use kusanagi init can not create DH key sometimes
  2. Can not issue SSL certificate with kusanagi provision
  3. Failure with kusanagi update cert
  4. The specification of specifying FQDN with www by kusanagi provision

1.Use kusanagi init can not create DH key sometimes

After yum update,run the command kusanagi init sometimes can not create the DH key.

It will create the DH key with command kusanagi init in KUSANAGI 8.0.0-2.
If there is already DH key there,though run the command kusanagi init ,the DH key will not be recreated.

2.Can not issue SSL certificate with kusanagi provision

Using kusanagi provision without configuring --email, there will be a dialogue to configure email address,but the processing will not continue to get the Let’s Encrypt SSL certificate.

We fixed this bug in KUSANAGI 8.0.0-2.

3. Failure in kusanagi update cert

Run the command kusanagi update cert turned out to be a failure to get Let’s Encrypt SSL certificate.
We fixed this bug in KUSANAGI 8.0.0-2.

4. The specification of specifying FQDN with www by kusanagi provision

Fulfill the conditions below,with kusanagi provision to specify www.example.com or example.com as a FQDN, both  www.example.com and example.com will be configured as VirtualHosts.

  • Both www.example.com and example.com registered as A record of DNS
  • exmaple.com registered in whois information

At the time of getting the SSL certificate by Let’s Encrypt with specifying the FQDN  and the email address,both www.example.com and example.com will get the SSL certificate.

There will be the same process at the time of changing FQDN with the command kusanagi setting --fqdn and the time of getting the SSL certificate with command kusanagi ssl .