• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Resolved Almalinux 9 Plesk Obsidian license issue

E

enduser

Basic Pleskian
Username:

TITLE

Almalinux 9 Plesk Obsidian license issue

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

AlmaLinux release 9.1
Plesk Obsidian 18.0.49

PROBLEM DESCRIPTION

Cannot install Plesk license on AlmaLinux 9

CLI:
plesk sbin keymng --install --source-file trial.key
Install failed: Certificate signature verification failed; error info:
error:03000098:digital envelope routines::invalid digest
error:06880006:asn1 encoding routines::EVP lib
exit status 1

GUI:
Certificate signature verification failed; error info: error:03000098:digital envelope routines::invalid digest error:06880006:asn1 encoding routines::EVP lib (Error code: 2)

STEPS TO REPRODUCE

fresh install Plesk on AlmaLinux 9
plesk sbin keymng --install --source-file trial.key

ACTUAL RESULT

Install failed: Certificate signature verification failed; error info:
error:03000098:digital envelope routines::invalid digest
error:06880006:asn1 encoding routines::EVP lib
exit status 1

EXPECTED RESULT

no error and install the license key successfully.

ANY ADDITIONAL INFORMATION

Discussion in forum

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
Developers were not able to reproduce the issue. From test engineer:

Could not reproduce the issue on two different infrastructure platforms with fresh Almalinux 9 or upgraded from 8 using ELevate.
Please provide access to a fresh server with Almalinux 9 where Plesk can be installed to reproduce the issue.
Additionally, what is the 'trial.key' file that is used for license installation? Can it be also reproduced when installing license using activation key?
The issue seems to be related to the SHA-1 handling in the OS release, as per the changelog:
  • The use of SHA-1 for signatures is restricted in the default crypto policy. Please be aware that this may cause issues using SSH to access older systems, such as RHEL/CentOS 6. To allow SHA-1 you can run:
update-crypto-policies --set DEFAULT:SHA1
Click to expand...

If the hints in the feedback do no help to solve the issue, please open a ticket with official Plesk support and provide SSH access to your server for support using the Plesk SSH support extension. Please also refer to PPS-13782 that support staff can reproduce the issue directly on your server.
 
Now this is interesting ....

In the LXC image of Almalinux 9 there is no crypto-policies-scripts installed .

In order to fix the issue, it was needed to :
Code: 
dnf -y install crypto-policies-scripts

then
Code: 
update-crypto-policies --set DEFAULT:SHA1

reboot

and now the Plesk trial key can be installed.

 
You must log in or register to reply here.

Similar threads

J
Issue Almalinux 9 Plesk Obsidian license issue
Replies
9
Views
2K
enduser
E
GSMPRO
Question Trying To Install Plesk On AlmaLinux 9
Replies
4
Views
793
GSMPRO
GSMPRO
A
Question Upgrade Almalinux 8 to 9 with Plesk installed
Replies
2
Views
2K
ansgar
A
nethubonline
Resolved Plesk install failure on AlmaLinux 9
Replies
3
Views
2K
nethubonline
nethubonline
brainforge
Resolved System updates have started failing.
Replies
2
Views
1K
brainforge
brainforge
Back
Top