Resolved .... and now I cannot access to plesk

[pitufo_webmaster]

• Ubuntu 16.04.5 LTS‬
• Plesk Onyx Versión 17.8.11

Hi guys
following the instructions for the solution of a warning now I can not access the PLESK
This is the solution I have applied. line by line.

solution:
Various actions fail in Plesk with Fail2Ban installed after server reboot: Unable to open file /run/lock/files/, There is no directory /var/run/

I have apllied this solution, and now I cannot access to my VPS via PLESK. I can do it via SSH and the content are online.
thks in advance

 

[Kaspar]

Not sure what happend, but could it be that you've accidentally been blocked (black listed) by fail2ban yourself? Maybe try to access the server from a different IP?

 

[pitufo_webmaster]

Thanks for the idea, but it's not that. I have used different location and IP

 

[Bitpalast]

and now I cannot access to my VPS via PLESK.

Please describe what exactly you are doing (e.g. open a specific URL, open a website etc.) and what the reaction of the server is when you are doing it.

 

[pitufo_webmaster]

Hi Peter. thks in advance
first all, I had a warning when I made a backup :

Error: server "server"
Cannot encrypt dump file (this is not fatal error!): PHP Warning: fopen(/run/lock/files/backup_encrypt.lock): failed to open stream: No such file or directory; File: /opt/psa/admin/plib/backup/Encryptor.php, Line: 499 [2019-01-22 11:13:10.541] ERR [panel] Unable to open file /run/lock/files/backup_encrypt.lock Unable to open file /run/lock/files/backup_encrypt.lock

then I found this solution for the warning : LINK SOLUTION
This was my previous Post
I made it even though I have not fail2ban installed in my server yet ...

# mkdir /run/lock/files
# mkdir /run/fail2ban
# chown root:psaadm /run/lock/files/
# chmod 770 /run/lock/files/
# chown root:root /run/fail2ban
# chmod 755 /run/fail2ban
# echo "d /run/lock/files/ 0770 root psaadm" > /etc/tmpfiles.d/lockfiles.conf
# echo "d /run/fail2ban 0755 root root" > /etc/tmpfiles.d/fail2ban.conf

and now, my server is online, all the websites, emai, are working, but I cannot acces de plesk in strato

 

[Bitpalast]

Please check if the service "sw-cp-server" is running.
# service sw-cp-server status

If it is not, start it with
# service sw-cp-server start

 

[pitufo_webmaster]

# service sw-cp-server status

● sw-cp-server.service - Startup script for Plesk control panel server
   Loaded: loaded (/lib/systemd/system/sw-cp-server.service; enabled; vendor pre
   Active: failed (Result: exit-code) since mar 2019-04-16 02:22:23 CEST; 8h ago
  Process: 31920 ExecStartPre=/usr/sbin/sw-cp-serverd -q -t (code=exited, status

abr 16 02:22:23 h2722569.stratoserver.net sw-cp-serverd[31920]: nginx: [emerg] B
abr 16 02:22:23 h2722569.stratoserver.net sw-cp-serverd[31920]: nginx: configura
lines 1-7/7 (END)...skipping...
● sw-cp-server.service - Startup script for Plesk control panel server
   Loaded: loaded (/lib/systemd/system/sw-cp-server.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since mar 2019-04-16 02:22:23 CEST; 8h ago
  Process: 31920 ExecStartPre=/usr/sbin/sw-cp-serverd -q -t (code=exited, status=1/FAILURE)

abr 16 02:22:23 h2722569.stratoserver.net sw-cp-serverd[31920]: nginx: [emerg] BIO_new_file("/opt/psa/admin/conf/httpsd.pem")
abr 16 02:22:23 h2722569.stratoserver.net sw-cp-serverd[31920]: nginx: configuration file /etc/sw-cp-server/config test faile
~

# service sw-cp-server start

Job for sw-cp-server.service failed because the control process exited with error code. See "systemctl status sw-cp-server.service" and "journalctl -xe" for details.

 

[Bitpalast]

I think what needs to be done is to create a new default server certificate and make it the default certificate for the server, because it seems that the configuration test, hence restart fails due to a misconfigured default SSL certificate. The file is either missing or empty or has wrong content.

The utility is described here
certificate: SSL/TLS Certificates
and here
How to use command-line utility to manage certificates in Plesk?

But I have never had to reconfigure a server default certificate via command line, so I am not aware of the exact command for this. It's something like
# plesk bin certificate --assign-cert "Default certificate" -admin example.com -ip <server IP>
but not sure with this.

Maybe it would be better to start with
# plesk repair installation
and hope that a working default configuration is created for sw-cp-server.

 

[pitufo_webmaster]

thks for your interest Peter.

# plesk repair installation

and, same.

 

[Bitpalast]

O.k., this should work:
1) Change into the directory where httpsd.conf is located
# cd /opt/psa/admin/conf
2) Create a certificate "manually"
# openssl req -new -nodes -x509 -out httpsd.pem -newkey rsa:2048 -keyout httpsd.pem -days 3650
3) Restart
# service sw-cp-server restart

[Edited after first posting of this entry.]

 

[pitufo_webmaster]

hi Peter
you rules !!! XD
now it´s working my plesk !!!! uffff
2 questions
a.- in this procces I have added several dat . like : name, emais :....

Country Name (2 letter code) [AU]:es
State or Province Name (full name) [Some-State]:rioja
Locality Name (eg, city) []:logrono

is this neccesary change it now?

b.- Your are invited to a cup of the best wine of the world ... a Rioja wine if your visite Logroño city

 

[Bitpalast]

a) You have created a self-signed, local certificate. It does not really matter what its content is. But you should now go to Tools & Settings > Security > SSL/TLS Certificates and click the "Let's Encrypt" button to create a "real" public certificate that is signed by a trust center. Then use that new Let's Encrypt certificate as the default certificate and for web server and mail server. This is how the result should look (red boxes only to mark the relevant parts and buttons):



b) Thank you.