• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Issue Lets Encrypt not working

Stuart De Usoz

Stuart De Usoz

New Pleskian
I've setup a few domains and subdomain letencrypt certs on a server at Ionos USA , yet it's not working. I have other Plesk servers so I'm rather familiar with process. With this Centos 6 server I have a few domains but the server always looks at a single domain certificate on the server, no matter which domain or subdomain browser points to. Yet on the Plesk panel Domains Let's Encrypt appears to have been installed, and I can renew it, but still does not translate to browser...(error from Chrome:)

This server could not prove that it is dev.medapartments.com; its security certificate is from hmsys.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

I tried running the subdomain as php 5.6 and 7.2 and both nginx/fpm and apache/fastCGI, as well as tried turning off proxy mode with nginx. every time I tried to run:

plesk repair web -sslcerts dev.medapartments.com

I get this:
________________________________________________________________________

Repairing web server configuration
Reinstalling SSL/TLS certificates ............................... [OK]
Applying the default SSL/TLS certificate to all IP addresses .... [OK]

Repair web server configuration for domains dev.medapartments.com? [Y/n] y
Repairing web server configuration for the domain
dev.medapartments.com ........................................... [2019-08-09 11:47:44.260] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/httpdmng' '--reconfigure-domain' 'dev.medapartments.com'] with exit code [1]
[FAILED]
- httpdmng failed: [2019-08-09 11:47:42.741] ERR [util_exec]
proc_close() failed ['/usr/local/psa/admin/bin/nginx_control'
'--restart'] with exit code [1]
Can not reload proxy server:
_____________________________________________________

Oh and I tried going to main domain medapartments.com and setting up wildcard lets encrypt which required I add a TXT record, did all that. still browser/server are telling me cert is pointing at different domain. Also enabled tls/ssl in hosting options, check. Also the correct specific subdomain cert is chosen in pulldown for certs in hosting.
 
Now I see that the nginx reverse proxy server is not started and will not start with this error:
Unable to start service: Unable to manage service by nginxmng: ('start', 'nginx'). Error: [2019-08-10 15:43:28.633] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/nginx_control' '--start'] with exit code [1] Can not start proxy server:

Any ideas on how to fix that? thank you
 
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
 
/var/log/messages


Aug 10 15:51:06 u17483829 named[21888]: client 123.232.112.70#14885: query (cache) '0531ggt.com/A/IN' denied
Aug 10 15:51:23 u17483829 xinetd[3203]: START: smtp pid=25731 from=::ffff:185.234.218.238
Aug 10 15:51:26 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25731 duration=3(sec)
Aug 10 15:52:23 u17483829 xinetd[3203]: START: smtp pid=25735 from=::ffff:185.234.219.193
Aug 10 15:52:26 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25735 duration=3(sec)
Aug 10 15:55:12 u17483829 xinetd[3203]: START: smtp pid=25753 from=::ffff:193.169.252.212
Aug 10 15:55:14 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25753 duration=2(sec)
Aug 10 15:55:37 u17483829 named[21888]: client 74.208.2.6#60721: zone transfer 'hmsys.biz/AXFR/IN' denied
Aug 10 15:55:40 u17483829 xinetd[3203]: START: smtp pid=25757 from=::ffff:185.234.219.192
Aug 10 15:55:43 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25757 duration=3(sec)
 
tail /var/log/nginx/error.log

Oh, OK so this must indicate same issue with port 80 and 443 as well

2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
 
/usr/local/psa/admin/sbin/nginxmng -d

[2019-08-10 16:15:39.954] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/nginx_proxy' '--off' '--port-map' '7080:80,7081:443'] with exit code [255]
disabling nginx proxy failed :
255 /usr/local/psa/admin/sbin/pleskrc execution failed:

aye yi yi, the sites are down now with Gateway 500

/usr/local/psa/admin/sbin/nginxmng -e

And the sites are back up, whew...
 
Then I still could not start proxy server.
I unchecked Passenger and Python Apache modules as thought something might conflict as I see passenger.conf in nginx.
Did all the above again nginxmng -d
Still failed
nginxmng -e succeeds and sites are up
 
nginx error log, yet netstat says only nginx is listening to port 80


2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: still could not bind()
 
netstat -plnt | grep ':80'
tcp 0 0 74.208.201.47:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.226.18:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.205.197:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.166.153:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.195.137:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 2607:f1c0:846:d600::3f:8:80 :::*
 
You must log in or register to reply here.

Similar threads

D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
355
Daiv
D
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
28
Views
6K
marcoherzog
M
Azurel
Resolved Mail for "Let`s Encrypt certificates for ***** have been issued/renewed" missing?
Replies
2
Views
263
Azurel
Azurel
J
Resolved WordPress Network setup on Alias -- how to add alternative domains with Lets Encrypt SSL Certs?
Replies
3
Views
352
joell
J
Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
2K
Peter Debik
P
Back
Top