• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Issue Lets Encrypt not working

Stuart De Usoz

Stuart De Usoz

New Pleskian
I've setup a few domains and subdomain letencrypt certs on a server at Ionos USA , yet it's not working. I have other Plesk servers so I'm rather familiar with process. With this Centos 6 server I have a few domains but the server always looks at a single domain certificate on the server, no matter which domain or subdomain browser points to. Yet on the Plesk panel Domains Let's Encrypt appears to have been installed, and I can renew it, but still does not translate to browser...(error from Chrome:)

This server could not prove that it is dev.medapartments.com; its security certificate is from hmsys.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

I tried running the subdomain as php 5.6 and 7.2 and both nginx/fpm and apache/fastCGI, as well as tried turning off proxy mode with nginx. every time I tried to run:

plesk repair web -sslcerts dev.medapartments.com

I get this:
________________________________________________________________________

Repairing web server configuration
Reinstalling SSL/TLS certificates ............................... [OK]
Applying the default SSL/TLS certificate to all IP addresses .... [OK]

Repair web server configuration for domains dev.medapartments.com? [Y/n] y
Repairing web server configuration for the domain
dev.medapartments.com ........................................... [2019-08-09 11:47:44.260] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/httpdmng' '--reconfigure-domain' 'dev.medapartments.com'] with exit code [1]
[FAILED]
- httpdmng failed: [2019-08-09 11:47:42.741] ERR [util_exec]
proc_close() failed ['/usr/local/psa/admin/bin/nginx_control'
'--restart'] with exit code [1]
Can not reload proxy server:
_____________________________________________________

Oh and I tried going to main domain medapartments.com and setting up wildcard lets encrypt which required I add a TXT record, did all that. still browser/server are telling me cert is pointing at different domain. Also enabled tls/ssl in hosting options, check. Also the correct specific subdomain cert is chosen in pulldown for certs in hosting.
 
Now I see that the nginx reverse proxy server is not started and will not start with this error:
Unable to start service: Unable to manage service by nginxmng: ('start', 'nginx'). Error: [2019-08-10 15:43:28.633] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/nginx_control' '--start'] with exit code [1] Can not start proxy server:

Any ideas on how to fix that? thank you
 
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
 
/var/log/messages


Aug 10 15:51:06 u17483829 named[21888]: client 123.232.112.70#14885: query (cache) '0531ggt.com/A/IN' denied
Aug 10 15:51:23 u17483829 xinetd[3203]: START: smtp pid=25731 from=::ffff:185.234.218.238
Aug 10 15:51:26 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25731 duration=3(sec)
Aug 10 15:52:23 u17483829 xinetd[3203]: START: smtp pid=25735 from=::ffff:185.234.219.193
Aug 10 15:52:26 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25735 duration=3(sec)
Aug 10 15:55:12 u17483829 xinetd[3203]: START: smtp pid=25753 from=::ffff:193.169.252.212
Aug 10 15:55:14 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25753 duration=2(sec)
Aug 10 15:55:37 u17483829 named[21888]: client 74.208.2.6#60721: zone transfer 'hmsys.biz/AXFR/IN' denied
Aug 10 15:55:40 u17483829 xinetd[3203]: START: smtp pid=25757 from=::ffff:185.234.219.192
Aug 10 15:55:43 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25757 duration=3(sec)
 
tail /var/log/nginx/error.log

Oh, OK so this must indicate same issue with port 80 and 443 as well

2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
 
/usr/local/psa/admin/sbin/nginxmng -d

[2019-08-10 16:15:39.954] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/nginx_proxy' '--off' '--port-map' '7080:80,7081:443'] with exit code [255]
disabling nginx proxy failed :
255 /usr/local/psa/admin/sbin/pleskrc execution failed:

aye yi yi, the sites are down now with Gateway 500

/usr/local/psa/admin/sbin/nginxmng -e

And the sites are back up, whew...
 
Then I still could not start proxy server.
I unchecked Passenger and Python Apache modules as thought something might conflict as I see passenger.conf in nginx.
Did all the above again nginxmng -d
Still failed
nginxmng -e succeeds and sites are up
 
nginx error log, yet netstat says only nginx is listening to port 80


2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: still could not bind()
 
netstat -plnt | grep ':80'
tcp 0 0 74.208.201.47:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.226.18:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.205.197:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.166.153:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.195.137:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 2607:f1c0:846:d600::3f:8:80 :::*
 
You must log in or register to reply here.

Similar threads

J
Issue Let's encrypt for Plesk cannot be renewed status 500
Replies
1
Views
349
Sebahat.hadzhi
Sebahat.hadzhi
M
Resolved Lets Encrypt not issuing certs for subdomains
Replies
2
Views
273
mendip_discovery
M
D
Question Renewing Let's encrypt automatically
Replies
3
Views
494
Kaspar
K
R
Issue SSL/TLS cert for mail server not updating (Lets Encrypt)
Replies
2
Views
890
tessa67
T
L
Issue ( authorization token is unavailable ) Could not issue/renew Let`s Encrypt certificates
Replies
7
Views
348
Leta
L
Back
Top