Resolved Fail to create let's encrypt

[Tomili]

I have installed the let's encrypt extension.

When i try to create an ssl cretificate become an error like this.
PANEL

Fehler: Fehler bei der Installation des SSL-Zertifikats von Let's Encrypt: Installation is broken.

LOG

3047#0: *126 no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking

---------------
Error on extension install

Fehler bei der Ausführung von /opt/psa/admin/plib/modules/letsencrypt/scripts/post-install.php. Der Exitcode lautet 1 und die Ausgabe ist:

Error on uninstall

Fehler bei der Ausführung von /opt/psa/admin/plib/modules/letsencrypt/scripts/pre-uninstall.php. Der Exitcode lautet 1 und die Ausgabe ist: [2016-11-03 20:41:59] ERR [extension/letsencrypt] Cannot uninstall scheduled task renew_certificates with error: Object not found: 0x
[2016-11-03 20:41:59] ERR [panel] Execution le-installer has failed with exit code 126, stdout: , stderr: sh: 1: /opt/psa/admin/bin/modules/letsencrypt/le-installer: Permission denied
:
0: /opt/psa/admin/plib/pm/ApiCli.php:150
   pm_ApiCli::_filterResult(string 'le-installer', integer '126', string '', string 'sh: 1: /opt/psa/admin/bin/modules/letsencrypt/le-installer: Permission denied
', integer '5')
1: /opt/psa/admin/plib/pm/ApiCli.php:143
    pm_ApiCli::_execCommand(string 'le-installer', string ''/opt/psa/admin/bin/modules/letsencrypt/le-installer'  'remove'', integer '5', array)
2: /opt/psa/admin/plib/pm/ApiCli.php:91
    pm_ApiCli::callSbin(string 'le-installer', array)
3: /opt/psa/admin/plib/modules/letsencrypt/library/Installer.php:96
    Modules_Letsencrypt_Installer::cleanup()
4: /opt/psa/admin/plib/modules/letsencrypt/scripts/pre-uninstall.php:6
ERROR: pm_Exception_ResultException: Execution le-installer has failed with exit code 126, stdout: , stderr: sh: 1: /opt/psa/admin/bin/modules/letsencrypt/le-installer: Permission denied
(ApiCli.php:150)

I have Ubuntu 16.04 reinstalled and installed plesk on a clean Server.

Whats wrong?

 

[UFHH01]

Hi Tomili,

pls. try to DISABLE SSL - support for the depending domain, and RE-ENABLE it back again afterwards.

If this didn't already solve your issue, pls. consider to use the "Plesk Repair Utility" ( => Plesk Repair Utility - Plesk Onyx online documentation ) with for example:

plesk repair web -sslcerts -v

or/and

plesk repair web -v​

Another option to use the "Plesk Repair Utility" is for example:

plesk repair installation -v

or/and

plesk repair all -v​

 

[Tomili]

Hoi UFHH01

Thx for your fast answere
I have tried all your tips, but nothing has changed.

All error messages are the same.

And the ssl toggle don't work.
When i do this on my main domain become an error.

Fehler: phpinimng failed: Job for php7.0-fpm.service failed. See "systemctl status php7.0-fpm.service" and "journalctl -xe" for details. Failed to restart php7.0-fpm service

And when i do this an subdomain was the task success but the let's enbcrypt dont work.

 

[UFHH01]

Hi Tomili,

if you followed the suggestions, you will have depending logs from your repair - processes at "/var/log/plesk". Consider to use these logs to investigate possible issues/errors and post corresponding entries, if you need help with the investigations in case of possible errors/issues/problems.


In addition, it is nice that you provide the error - informations as for example:

Fehler: phpinimng failed: Job for php7.0-fpm.service failed. See "systemctl status php7.0-fpm.service" and "journalctl -xe" for details. Failed to restart php7.0-fpm service

... but you totally miss to provide the informations which you get, when you actually USE THE SUGGESTED COMMANDS from your error - message:

=> systemctl status php7.0-fpm.service
=> journalctl -xe​

In addition, EACH Plesk - PHP-FPM - version has it's very own log - files, located at "/var/log/plesk-phpXX-fpm/", where "XX" has to be replaced with the corresponding PHP - version. Pls. don't forget to look at the corresponding "error.log", if you experience issues/errors/problems with Plesk - PHP-FPM - services and correct/solve them so that the service is in an active state.



A statement as

... but the let's enbcrypt dont work ...

is really hard to investigate, because it can be all and nothing - from browser - issues, over to non-active services ( apache, nginx, php-fpm, ... ), up to psa - database inconsistencies. Pls. be so kind to inform people willing to help you a bit more in detail, so that possible investigations don't start with the questions "Is apache running?", "Is nginx running?", "Is the corresponding domain - specific PHP-FPM service running", ... - the more informations ( facts ) you provide, the better will be possible suggestions which should help to solve your issue(s).
Even that it is pretty obvious, that the service "php7.0-fpm" might be your root cause, you can avoid back and forth questions.

Pls. consider to solve issues, before you continue with something different - some issues depend on other ones and often enough corresponding issues can be solved by solving the first one.



Additional informations to your error - message:

Fehler: phpinimng failed: Job for php7.0-fpm.service failed. See "systemctl status php7.0-fpm.service" and "journalctl -xe" for details. Failed to restart php7.0-fpm service

can lead to a previous started PHP-FPM - socket for the specific domain/subdomain, which causes a failure, when you try to restart another socket, with another PHP - handler.

Consider to stop for example the Plesk-PHP5.6-FPM and the Plesk-PHP7.0-FPM service manually with the command:

service plesk-php56-fpm stop && service plesk-php70-fpm stop​

Pls. check afterwards that there are no more ( orphaned ) sockets at for example:

/var/www/vhosts/system/DOMAIN-OR-SUB-DOMAIN.COM/​

and check as well, that you have ONLY ONE domain-subdomain - specific PHP-FPM configuration at for example "/opt/plesk/php/5.6/etc/php-fpm.d/" AND "/opt/plesk/php/7.0/etc/php-fpm.d/" ( use for example "ls -lah /opt/plesk/php/5.6/etc/php-fpm.d" to list the existent configuration files ).

When you checked, that you have ONLY ONE domain-subdomain - specific PHP-FPM configuration file, restart the depending services with:

service plesk-php56-fpm start && service plesk-php70-fpm start​

You should remember, if you previously changed a PHP - handler for your domain or subdomain, so pls. consider to adapt the examples with the correct service.

 

[Tomili]

Thx for the ANswere and sorry for my bad englisch, better i can write in German ;-)
So i have now collected some information

In all directories on /var/www/vhosts/system/xxxx/
are one php-fpm.sock buch i can't stop this service with service php-fpm stop.
i become the error php-fpm: unrecognized service
I have run the code

service plesk-php56-fpm stop && service plesk-php70-fpm stop

and i see the error

Usage: /etc/init.d/php-fpm {start|stop|status|restart|condrestart|reload|force-reload}

My main domain is kbs02.ch and i have 4 Subdomains configured.

First the output of => systemctl status php7.0-fpm.service

Output of => journalctl -xe
The Log was to long for this post, so i take an txt file.
https://www.dropbox.com/s/m9qkn74qij8lrun/journalctl-xe.txt?dl=0

output from => /var/log/plesk-php70-fpm/error.log

[03-Nov-2016 19:49:22] ERROR: No pool defined. at least one pool section must be specified in config file
[03-Nov-2016 19:49:22] ERROR: failed to post process the configuration
[03-Nov-2016 19:49:22] ERROR: FPM initialization failed
[03-Nov-2016 21:10:36] ERROR: No pool defined. at least one pool section must be specified in config file
[03-Nov-2016 21:10:36] ERROR: failed to post process the configuration
[03-Nov-2016 21:10:36] ERROR: FPM initialization failed
[03-Nov-2016 21:20:08] ERROR: No pool defined. at least one pool section must be specified in config file
[03-Nov-2016 21:20:08] ERROR: failed to post process the configuration
[03-Nov-2016 21:20:08] ERROR: FPM initialization failed
[03-Nov-2016 21:23:12] ERROR: No pool defined. at least one pool section must be specified in config file
[03-Nov-2016 21:23:12] ERROR: failed to post process the configuration
[03-Nov-2016 21:23:12] ERROR: FPM initialization failed

Service Information about my plesk

I hope this information are hopefull.
Thx so much for helping me.

 

[UFHH01]

Hi Tomili,

In all directories on /var/www/vhosts/system/xxxx/
are one php-fpm.sock

This leads to the fact, that depending domain-subdomain specific PHP-FPM - configuration files are existent and the corresponding PHP-FPM - services are in an active state.

i can't stop this service with service php-fpm stop

hm... actually, you can see the answer in your next output from your command line

Usage: /etc/init.d/php-fpm {start|stop|status|restart|condrestart|reload|force-reload}

Pls. make sure that the following packages are installed on your server, when you use the command "service SERVICE-NAME OPTION" ( for Debian/Ubuntu - based systems ):

aptitude install init init-system-helpers​

... otherwise, you have to use a command as for example:

/etc/init.d/plesk-php56-fpm stop
instead of
service plesk-php56-fpm stop​

or for your vendor - PHP-FPM - service ( which is named "php7.0-fpm" and not "php-fpm" - the "hint" is just to inform you about the usage ! )

/etc/init.d/php7.0-fpm stop
instead of
service php7.0-fpm stop​

You are able to locate existent "init - scripts" at "/etc/init.d/" with for example:

ls -lah /etc/init.d | grep php​

To remove, or to disable/enable "init - scripts", you would use the commands ( on Debian/Ubuntu - based systems ):

update-rc.d -f INIT-SCRIPT-NAME remove
update-rc.d -f INIT-SCRIPT-NAME disable
update-rc.d -f INIT-SCRIPT-NAME enable​

Note:
If you would like to use "systemd" - commands, you have to use for example:

systemctl start SERVICE-NAME.service​

( Adapted to "plesk-php56-fpm" you would use: "systemctl start plesk-php56-fpm.service" )​

output from => /var/log/plesk-php70-fpm/error.log

You can see in the logs, that there is no domain/subdomain - specific configuration file configured with the PHP - handler "plesk-php70-fpm". The service "plesk-php70-fpm" can only be started/restarted, if AT LEAST ONE configuration file for it exists! The folder "/opt/plesk/php/7.0/etc/php-fpm.d/" is EMPTY, or doesn't contain a file with a *.conf - ending.



Now back to your initial issue:

You could investigate, that you might had to install some needed system packages on your server. Pls. consider as well to use the additional command "aptitude upgrade", to be sure, that your system and the depending packages are up-to-date. Afterwards, pls. run again:

plesk repair installation -v​

after you installed the suggested packages and possible updates/upgrades. ( Pls. don't forget to inspect the repair - log, which should point you to possible issues/errors/problems! ).


Next, you could try again to choose for example the PHP - handler "plesk-php70-fpm" for one of your domains/subdomains at "Home > Subscriptions > YOUR-DOMAIN.COM > PHP Settings", to make sure that changes to a specific PHP - handler work as expected.


In addition, pls. try again now to install a Let's Encrypt - certificate for the very same domain/subdomain and as always, pls. report possible issues/errors/problems.

 

[Tomili]

Thx so much fpr the answere :-D

I have no more annoying, lets's encrypt just does not work.
It just does not work, not what I try.

EDIT

So i run the aptitude upgrade and the output is

After this i do the plesk repair installation -v

I changed the PHP version from 7.0.8 to 7.0.12 and disabled the 7.0.8 in Settings

The errors at let's crypt installations are the same.

Gruss und danke

 

[UFHH01]

Hi Tomili,

you could as well try to solve your issue by removing the Let's encrypt extension, with a followed re-installation ( either over the Plesk Control Panel: => "Home > Extensions" ) or with the "Plesk Installer" - usage:

List the installed Plesk components:

plesk installer --select-product-id plesk --select-release-current --show-components --show-options​

Remove a Plesk component:

plesk installer --select-product-id plesk --select-release-current --remove-component letsencrypt​

Install a Plesk component:

plesk installer --select-product-id plesk --select-release-current --install-component letsencrypt​

General "HELP" - command to see possible options, when you use the "Plesk Installer" from your command line:

plesk installer --help​

 

[Tomili]

Hi

I have run all of this commands.

After run the Install command i run the first command to show the commponents again.
But the letsencrypt has not installed :-|

And whe i install the Extension over the Plesk control panel i see the error that i post on my first Post.
Nothings works.

 

[Bitpalast]

I think there is a possibility that the Let's Encrypt error message is not related to the individual domain that you are trying to configure, but to the host's certificate. The extension tries to communicate through a secure port with the Let's Encrypt server and the error message is saying that the certificate for that session is missing. Can you verify that your hosts's default SSL certificate is in place an functioning?

 

[UFHH01]

Hi Peter Debik,

the issue existed because of network and DNS misconfigurations.

 

[dd360]

hey i had the same issue // found this ---> Error "Unable to set certificate name :" · plesk/letsencrypt-plesk Wiki · GitHub

at me these steps helped perfect = go to Database certificates and deleted the old needed ones reinstall new ones // psa

 

[fifashb]

Hi safed my day dd360 thanks a lot. The problem comes up on a downgrade from plesk webserver version to the web admin version and the import from remote server. hope it helps someone cheers