After Plesk 11 to 12 Migration no SSL

[ffischer]

/var/www/vhosts/system/efw-forum.de/conf/nginx.conf

#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.

server {
listen 85.214.18.182:443 ssl;

server_name efw-forum.de;
server_name www.efw-forum.de;
server_name ipv4.efw-forum.de;

ssl_certificate /opt/psa/var/certificates/cert-t9q0DG;
ssl_certificate_key /opt/psa/var/certificates/cert-t9q0DG;
ssl_client_certificate /opt/psa/var/certificates/cert-68kpPE;
ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

client_max_body_size 128m;

root "/var/www/vhosts/efw-forum.de/httpdocs";
access_log "/var/www/vhosts/system/efw-forum.de/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/efw-forum.de/logs/proxy_error_log";

if ($host ~* ^efw-forum.de$) {
rewrite ^(.*)$ https://www.efw-forum.de$1 permanent;
}

location / {
proxy_pass https://85.214.18.182:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}

location /internal-nginx-static-location/ {
alias /var/www/vhosts/efw-forum.de/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}

location ~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon) {
proxy_pass https://85.214.18.182:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}

location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/efw-forum.de/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:/var/www/vhosts/system/efw-forum.de/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}

location ~ ^/~(.+?)(/.*)?$ {
proxy_pass https://85.214.18.182:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}

location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:/var/www/vhosts/system/efw-forum.de/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}

location ~ /$ {
index index.html index.cgi index.pl index.php index.xhtml index.htm index.shtml;
}

}

server {
listen 85.214.18.182:80;

server_name efw-forum.de;
server_name www.efw-forum.de;
server_name ipv4.efw-forum.de;

client_max_body_size 128m;

root "/var/www/vhosts/efw-forum.de/httpdocs";
access_log "/var/www/vhosts/system/efw-forum.de/logs/proxy_access_log";
error_log "/var/www/vhosts/system/efw-forum.de/logs/proxy_error_log";

if ($host ~* ^efw-forum.de$) {
rewrite ^(.*)$ http://www.efw-forum.de$1 permanent;
}

location / {
proxy_pass http://85.214.18.182:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}

location /internal-nginx-static-location/ {
alias /var/www/vhosts/efw-forum.de/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}

location ~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon) {
proxy_pass http://85.214.18.182:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}

location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/efw-forum.de/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:/var/www/vhosts/system/efw-forum.de/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}

location ~ ^/~(.+?)(/.*)?$ {
proxy_pass http://85.214.18.182:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}

location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:/var/www/vhosts/system/efw-forum.de/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}

location ~ /$ {
index index.html index.cgi index.pl index.php index.xhtml index.htm index.shtml;
}

}

 

[ffischer]

/etc/apache2/sites-available/000-default.conf

<VirtualHost *:7080>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

/etc/apache2/sites-available/default-ssl.conf

<IfModule mod_ssl.c>
    <VirtualHost _default_:7081>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf

        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        SSLEngine on

        #   A self-signed (snakeoil) certificate can be created by installing
        #   the ssl-cert package. See
        #   /usr/share/doc/apache2/README.Debian.gz for more info.
        #   If both key and certificate are stored in the same file, only the
        #   SSLCertificateFile directive is needed.
        SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

        #   Server Certificate Chain:
        #   Point SSLCertificateChainFile at a file containing the
        #   concatenation of PEM encoded CA certificates which form the
        #   certificate chain for the server certificate. Alternatively
        #   the referenced file can be the same as SSLCertificateFile
        #   when the CA certificates are directly appended to the server
        #   certificate for convinience.
        #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

        #   Certificate Authority (CA):
        #   Set the CA certificate verification path where to find CA
        #   certificates for client authentication or alternatively one
        #   huge file containing all of them (file must be PEM encoded)
        #   Note: Inside SSLCACertificatePath you need hash symlinks
        #        to point to the certificate files. Use the provided
        #        Makefile to update the hash symlinks after changes.
        #SSLCACertificatePath /etc/ssl/certs/
        #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt

        #   Certificate Revocation Lists (CRL):
        #   Set the CA revocation path where to find CA CRLs for client
        #   authentication or alternatively one huge file containing all
        #   of them (file must be PEM encoded)
        #   Note: Inside SSLCARevocationPath you need hash symlinks
        #        to point to the certificate files. Use the provided
        #        Makefile to update the hash symlinks after changes.
        #SSLCARevocationPath /etc/apache2/ssl.crl/
        #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl

        #   Client Authentication (Type):
        #   Client certificate verification type and depth.  Types are
        #   none, optional, require and optional_no_ca.  Depth is a
        #   number which specifies how deeply to verify the certificate
        #   issuer chain before deciding the certificate is not valid.
        #SSLVerifyClient require
        #SSLVerifyDepth  10

        #   SSL Engine Options:
        #   Set various options for the SSL engine.
        #   o FakeBasicAuth:
        #    Translate the client X.509 into a Basic Authorisation.  This means that
        #    the standard Auth/DBMAuth methods can be used for access control.  The
        #    user name is the `one line' version of the client's X.509 certificate.
        #    Note that no password is obtained from the user. Every entry in the user
        #    file needs this password: `xxj31ZMTZzkVA'.
        #   o ExportCertData:
        #    This exports two additional environment variables: SSL_CLIENT_CERT and
        #    SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
        #    server (always existing) and the client (only existing when client
        #    authentication is used). This can be used to import the certificates
        #    into CGI scripts.
        #   o StdEnvVars:
        #    This exports the standard SSL/TLS related `SSL_*' environment variables.
        #    Per default this exportation is switched off for performance reasons,
        #    because the extraction step is an expensive operation and is usually
        #    useless for serving static content. So one usually enables the
        #    exportation for CGI and SSI requests only.
        #   o OptRenegotiate:
        #    This enables optimized SSL connection renegotiation handling when SSL
        #    directives are used in per-directory context.
        #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>

        #   SSL Protocol Adjustments:
        #   The safe and default but still SSL/TLS standard compliant shutdown
        #   approach is that mod_ssl sends the close notify alert but doesn't wait for
        #   the close notify alert from client. When you need a different shutdown
        #   approach you can use one of the following variables:
        #   o ssl-unclean-shutdown:
        #    This forces an unclean shutdown when the connection is closed, i.e. no
        #    SSL close notify alert is send or allowed to received.  This violates
        #    the SSL/TLS standard but is needed for some brain-dead browsers. Use
        #    this when you receive I/O errors because of the standard approach where
        #    mod_ssl sends the close notify alert.
        #   o ssl-accurate-shutdown:
        #    This forces an accurate shutdown when the connection is closed, i.e. a
        #    SSL close notify alert is send and mod_ssl waits for the close notify
        #    alert of the client. This is 100% SSL/TLS standard compliant, but in
        #    practice often causes hanging connections with brain-dead browsers. Use
        #    this only for browsers where you know that their SSL implementation
        #    works correctly.
        #   Notice: Most problems of broken clients are also related to the HTTP
        #   keep-alive facility, so you usually additionally want to disable
        #   keep-alive for those clients, too. Use variable "nokeepalive" for this.
        #   Similarly, one has to force some clients to use HTTP/1.0 to workaround
        #   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
        #   "force-response-1.0" for this.
        BrowserMatch "MSIE [2-6]" \
                nokeepalive ssl-unclean-shutdown \
                downgrade-1.0 force-response-1.0
        # MSIE 7 and newer should be able to use keepalive
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

    </VirtualHost>
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

 

[UFHH01]

The config files from /etc/apache2/sites-available/ are not the ones, that Plesk creates, they are the standards from apache2. Please try to fix that by using the bootstrapper from Plesk:

First make sure, that you have all patches installed as well:

/usr/local/psa/admin/bin/autoinstaller --select-product-id plesk --select-release-current --reinstall-patch --install-component base​

Afterwards, please use the Plesk bootsrapper to fix some missing configuration files.

/usr/local/psa/bootstrapper/pp12.0.18-bootstrapper/bootstrapper.sh repair​

 

[ffischer]

ok running shell commands

 

[ffischer]

-- Warning: Skipping the data of table mysql.event. Specify the --events option explicitly.
Finishing up upgrade procedures and rerunning previously failed upgrade actions...
===> Cumulative APS controller database (apsc) upgrade and repair has been started.
===> Cumulative upgrade and repair of APS controller database has been completed.
===> Cumulative APS controller upgrade and repair (final stage) has been started.
===> Cumulative upgrade and repair of APS controller (final stage) has been completed.
===> Cumulative Plesk database upgrade and repair (revertable stage) has been started.
===> Preparing Plesk database upgrade (revertable stage).
===> Cumulative upgrade and repair of Plesk database (revertable stage) has been completed.
===> Cumulative Plesk upgrade and repair (final stage) has been started.
===> Preparing Plesk upgrade (final stage).
===> Cumulative upgrade and repair of Plesk (final stage) has been completed.
Reconfiguring mail subsystem...
Reconfiguring Apache web server...
AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/plesk.conf.d/server.conf:6
Reconfiguring ProFTPD FTP server...
Reconfiguring AWStats web statistics...
Reconfiguring WatchDog...
Restoring SELinux contexts...
Regenerating web servers' configuration files...
Cleaning active Panel sessions...

Bootstrapper repair finished.
If problems persist, please check installer logs ('/var/log/plesk/install/plesk_12.0.18_repair.log' and '/var/log/plesk/install/plesk_12.0.18_repair_problems.log') for errors.
If you can't resolve the issue on your own, please address Parallels support.


https:// sites not working

 

[ffischer]

hm i only migrate from Plesk 11.5 with Ubuntu 12.x to Ubtunu 14.x
this is not the first time i migrate .
never prroblems exept now


Server Reboot:
On Start Only this fails:

postfix/postfix-script: fatal: the Postfix mail system is already running
* Starting Postfix Mail Transport Agent postfix [fail]
starting psa... * Starting Plesk engine pool manager sw-engine-fpm [ OK ]
* Starting internet superserver xinetd [fail]

 

[UFHH01]

Did you mention before, that you use apache 2.4 ? Or did I just overread that information?

Without the entry "AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/plesk.conf.d/server.conf:6" I wouldn't have noticed, that you upgraded from apache 2.2 to 2.4.

Apache 2.4 has some new standards, which you can find here: http://httpd.apache.org/docs/2.4/upgrading.html

Due to the fact, that you use Ubuntu 14.04 ( which has apache 2.4 now as a standard ) ... I provide you with the two default.config files. Please make a backup by renaming the existing ones to "000-default.conf.dpkg-dist.old" and "default-ssl.conf.dpkg-dist.old" and use these two files:

000-default.conf :

<VirtualHost *:7080>
    ServerAdmin webmaster@localhost

    DocumentRoot /var/www
    <Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all granted
    </Directory>
    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Require all granted
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

    ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/var/run/php-fpm.sock|fcgi://localhost/var/www/vhosts/default/htdocs

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Require all granted

        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

    <IfModule mod_php5.c>
        AddType application/x-httpd-php .php .phtml .php3
        AddType application/x-httpd-php-source .phps

        <IfModule mod_dir.c>
            DirectoryIndex index.html index.php
        </IfModule>
    </IfModule>

    <FilesMatch "\.(php*|phtm|phtml|asp|aspx)$">
        SetHandler application/x-httpd-php
    </FilesMatch>

</VirtualHost>

default-ssl.conf :

<IfModule mod_ssl.c>
<VirtualHost _default_:7081>
    ServerAdmin webmaster@localhost

    DocumentRoot /var/www
    <Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all granted
    </Directory>
    <Directory /var/www/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Require all granted
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
        AllowOverride None
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    ProxyPassMatch ^/(.*\.php(/.*)?)$ unix:/var/run/php-fpm.sock|fcgi://localhost/var/www/vhosts/default/htdocs

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Require all granted
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

    SSLEngine on

    SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

    #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt

    #SSLCACertificatePath /etc/ssl/certs/
    #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt

    #SSLCARevocationPath /etc/apache2/ssl.crl/
    #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl

    #SSLVerifyClient require
    #SSLVerifyDepth  10

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
        SSLOptions +StdEnvVars
        Require all granted
    </Directory>

    BrowserMatch "MSIE [2-6]" \
        nokeepalive ssl-unclean-shutdown \
        downgrade-1.0 force-response-1.0

    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown


    # Enable php5_module for Apache to serve php - files

    <IfModule mod_php5.c>
        AddType application/x-httpd-php .php .phtml .php3
        AddType application/x-httpd-php-source .phps

        <IfModule mod_dir.c>
            DirectoryIndex index.html index.php
        </IfModule>
    </IfModule>

    <FilesMatch "\.(php*|phtm|phtml|asp|aspx)$">
        SetHandler application/x-httpd-php
    </FilesMatch>

</VirtualHost>
</IfModule>

You could as well modify your templates from Plesk, using a custom set of configurations, because Plesk deals with apache 2.2 and therefore is missing the "Required all granted" - stuff, which you find in the upgrade notice for apache 2.4 at the link above. For example:

Order allow,deny
Allow from all

is now in apache 2.4:

Require all granted

... to create a custom template set, please read the KB - article: http://kb.odin.com/115277
... and the following documentation for it: http://download1.parallels.com/Ples...nistration-guide/index.htm?fileName=68693.htm

... or use the Search Forums option with the words:

custom domain template​

for suggestions and examples.


If you don't create a custom set for your templates with the changes, you have to investigate all configurations files at "/etc/apache2/plesk.conf.d" and each httpd config - file in the folders "/var/www/vhosts/system/YOURDOMAIN.COM/conf" and change the apache 2.4 modifications.manually. Be aware that Plesk sometimes creates new config - files, when you change something in the Plesk Panel regarding the webserver / webhosting settings, so all your changes which you manually edited will be lost, if you don't have a custom domain template set, which recreates the config files with your modifications.

Please control as well, that the folder "/etc/apache2/plesk.conf.d/ip_default" contain at least symlinks to your "/var/www/vhosts/system/YOURDOMAIN.COM/conf/httpd_ip_default.conf" configuration and as mentioned control the apache 2.4 changes in these files.

 

[ffischer]

Plesk 11 Server has HTTP 2.2
using mIgration tool in plesk from OLD Server 11.x to new one
Plesk 12 Server has HTTP 2.4

i try this with your code above.

###
AH00526: Syntax error on line 31 of /etc/apache2/sites-enabled/000-default.conf:
Invalid command 'ProxyPassMatch', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.
The Apache error log may have more information.

 

[UFHH01]

The modules for the Proxy can be activated over Plesk as well: http://talk.plesk.com/threads/after-plesk-11-to-12-migration-no-ssl.320324/#post-757357 as seen in your image. ^^

 

[ffischer]

ok i try it out.
hope this will work soon.

Is this a Bug or a problem by Migration?

If i Create a new Domain, there is the same Problem with SSL

 

[UFHH01]

Well it is an issue regarding apache 2.4 and Plesk templates. As I wrote, in Ubuntu 14.04 the standard apache webserver is 2.4, but the Plesk templates are for apache 2.2. Plesk is not shipped with a apache webserver, but instead the current stable version of the operating system vendor is used. In Ubuntu 12.04 it is apache 2.2 and in Ubuntu 14.04 it is apache 2.4.

Did you install the Plesk extension "Webserver Configurations Troubleshooter" as well? This tool checks as well misconfigurations and marks changed and/or missing files ( https://YOURSERVERDOMAIN.COM:8443/modules/configurations-troubleshooter/ )

 

[ffischer]

Yes i installed the configurations-troubleshooter shows me evertying is ok



i tryd out " create new" nothing happens ...

 

[ffischer]

the migration was domain by domain
not the hole server at once.
Because my licence only allows 10 Domains ( after 10 Domains are used i can create a new Licence Key with 30 Domains )
so i had migrate 10 Domains from old Server without the "global Server" Option

 

[ffischer]

hope this is fixed in next Versions with MicroUpdate

 

[UFHH01]

Here is what I would do:

As you already have backups from your old server, I would re-install the whole server and I would modify the server with general mail-config, general webserver config and additional Plesk extensions ( nginx, php5-fpm, all components which you need and want to have on your server ) and if you are done with that, I would add ONE domain manually ( a domain with only a small amount of files in the http - docroot and probably only few eMail - accounts ), to see if all features and extensions work the way, they are supposed to work. Including a self-signed SSL-certificate, mail, spamassasin, domainkeys, webmail, a one-click installation of wordpress probably and what ever else you need or want to have. Only if all of this works like expected, then I would migrate the saved backups.

The microupdates don't solve a misconfiguration of apache and they won't solve any issues with your SSL - certificate of your efw-forum... but it's your choice and your server... ^^

 

[ffischer]

Hm - Actually the Plesk 12 Server is a Live System, some Customers are on this System.
The Old Server is alive but outdatet with Web and Mail Data.

Plesk 12 Server is a new one Server, no Migration from old Server With Plesk 11 - No Upgrade from 11 to 12
I Ordered a new Server on Strato - i only Migrate die Customers and Domains.

But i habe allready add a new customer and add a new Domain on Plesk 12,
with Same Problem.

I Cant connect to 443

 

[UFHH01]

Please make sure, that your IP(s) take the "right" SSL - certificate. At "Start > Tools & Settings > IP Adresses" you might have a look at the actual used certificates for each IP. You could as well try to generate new self-signed certificates and change them with the actual used ones, to verify that your IP(s) use the correct certificate. If you bought your own certificate, still create a new self-signed certificate and change it and if this works out to be the failure, delete the old "own" certificate and re-add it again. Afterwards change the certificate, so that the server uses the new added "own" certificate on the desired IP.

The very same procedure might be used in your domain settings at "Start > Abonnements > YOURDOMAIN.COM > Websites & Domains > YOURDOMAIN.COM > SSL certficates"

 

[ffischer]

"Start > Tools & Settings > IP Adresses"
i rensign a self signed Cert on both IP Adressess.

The Same i have done with the domain
but same problem.

Cant connect to SSL

with wget on ssh on the Server i get:


root@freaky-media:~# wget https://ssl.freaky-media.net
--2014-10-01 11:45:19-- https://ssl.freaky-media.net/
Auflösen des Hostnamen »ssl.freaky-media.net (ssl.freaky-media.net)«... 85.214.18.182
Verbindungsaufbau zu ssl.freaky-media.net (ssl.freaky-media.net)|85.214.18.182|:443... verbunden.
Es ist nicht möglich, eine SSL-Verbindung herzustellen.


root@freaky-media:~# wget http://ssl.freaky-media.net:443
--2014-10-01 11:47:58-- http://ssl.freaky-media.net:443/
Auflösen des Hostnamen »ssl.freaky-media.net (ssl.freaky-media.net)«... 85.214.18.182
Verbindungsaufbau zu ssl.freaky-media.net (ssl.freaky-media.net)|85.214.18.182|:443... verbunden.
HTTP-Anforderung gesendet, warte auf Antwort... Lesefehler (Die Verbindung wurde vom Kommunikationspartner zurückgesetzt) beim Vorspann (header).
Erneuter Versuch.


nginx does not allow 443
cant connect
you can try it https://ssl.freaky-media.net normaly you should see the "Welcome to Plesk Screen" like here http://ssl.freaky-media.net

 

[ffischer]

ok this is really strange:
i changed the hostname Start => Tools & Setings => Serversettings from normal hostname freaky-media.de to h2347367.stratoserver.net
now it works ... ok some Cert Problems with other Resources from other sites but .. SSL works ...
now i have rename h2347367.stratoserver.net to freaky-media.de and .. worked ...

i test it out

 

[ffischer]

Ok one question i have.

is it possible to enable "PHP processed by Nginx" for a Service Package,
actually i need to enable it for every domain manually.
on Abonement i find NGINX Settings "PHP processed by Nginx"
but here i cant find here "WebServer"
here ..

is it possible to enable by default in Service Packages ?

==>