Facebook
Twitter
We have hundreds of Plesk servers and at least several times per week, mostly during the nightly log rotation that Plesk schedules for roughly 4am local time, apache dies. It can also occur just from someone adding or removing a site from a server though.
The cause of the problem is references in the /etc/httpd/conf/plesk.conf.d/server.conf to SSL certificate files that do not exist. So apache goes down when it tries to restart, and takes down every website on the server. The error will be something along these lines:
/etc/httpd/conf/plesk.conf.d/server.conf:
...
SSLCertificateFile: file '/usr/local/psa/var/certificates/cert-GY1GIs' does not exist or is empty
In the server.conf, it will be in a section like this:
It is also always (100% of the time) an error related to an IP address that is not currently in use by any website on the server.
There are two fixes:
1) Run /usr/local/psa/admin/bin/httpdmng --reconfigure-all
2) Look at the server.conf and find the IP in question, then go into the web interface and change the default SSL for the IP in question at the IP level.
I see a similar issue in http://kb.odin.com/en/123399 from Plesk 11.5, and I seem to recall this issue going back a while, so it obviously still has some method of occurring.
Is this a known issue, is there a fix? It's getting really annoying that we have customers going offline at 4am several times per week because of this.
More importantly, why does Plesk not do an apache syntax test before telling it to restart? Apache is not as smart as nginx and will just blindly 'restart' without checking its config, so then it's down and can't start back up. Nginx, same server, after same issue is occurring, will produce an error if you try to restart it, refusing to restart:
so at least nginx tries to keep things running, but if apache is down, so are the sites anyway.
The cause of the problem is references in the /etc/httpd/conf/plesk.conf.d/server.conf to SSL certificate files that do not exist. So apache goes down when it tries to restart, and takes down every website on the server. The error will be something along these lines:
/etc/httpd/conf/plesk.conf.d/server.conf:
...
SSLCertificateFile: file '/usr/local/psa/var/certificates/cert-GY1GIs' does not exist or is empty
In the server.conf, it will be in a section like this:
Code:
<VirtualHost 192.168.0.1:7081 127.0.0.1:7081>
ServerName "default-192_168_0_1"
UseCanonicalName Off
DocumentRoot "/var/www/vhosts/default/htdocs"
ScriptAlias /cgi-bin/ "/var/www/vhosts/default/cgi-bin"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile "/usr/local/psa/var/certificates/cert-GY1GIs"It is also always (100% of the time) an error related to an IP address that is not currently in use by any website on the server.
There are two fixes:
1) Run /usr/local/psa/admin/bin/httpdmng --reconfigure-all
2) Look at the server.conf and find the IP in question, then go into the web interface and change the default SSL for the IP in question at the IP level.
I see a similar issue in http://kb.odin.com/en/123399 from Plesk 11.5, and I seem to recall this issue going back a while, so it obviously still has some method of occurring.
Is this a known issue, is there a fix? It's getting really annoying that we have customers going offline at 4am several times per week because of this.
More importantly, why does Plesk not do an apache syntax test before telling it to restart? Apache is not as smart as nginx and will just blindly 'restart' without checking its config, so then it's down and can't start back up. Nginx, same server, after same issue is occurring, will produce an error if you try to restart it, refusing to restart:
Code:
Error: Unable to make action: Unable to manage service by nginx_control: ('restart', 'nginx'). Error: /usr/local/psa/admin/sbin/nginx-config execution failed:
nginx: [emerg] BIO_new_file("/usr/local/psa/var/certificates/cert-GY1GIs") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/psa/var/certificates/cert-GY1GIs','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failedso at least nginx tries to keep things running, but if apache is down, so are the sites anyway.
