• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Issue Lets Encrypt not working

Stuart De Usoz

Stuart De Usoz

New Pleskian
I've setup a few domains and subdomain letencrypt certs on a server at Ionos USA , yet it's not working. I have other Plesk servers so I'm rather familiar with process. With this Centos 6 server I have a few domains but the server always looks at a single domain certificate on the server, no matter which domain or subdomain browser points to. Yet on the Plesk panel Domains Let's Encrypt appears to have been installed, and I can renew it, but still does not translate to browser...(error from Chrome:)

This server could not prove that it is dev.medapartments.com; its security certificate is from hmsys.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

I tried running the subdomain as php 5.6 and 7.2 and both nginx/fpm and apache/fastCGI, as well as tried turning off proxy mode with nginx. every time I tried to run:

plesk repair web -sslcerts dev.medapartments.com

I get this:
________________________________________________________________________

Repairing web server configuration
Reinstalling SSL/TLS certificates ............................... [OK]
Applying the default SSL/TLS certificate to all IP addresses .... [OK]

Repair web server configuration for domains dev.medapartments.com? [Y/n] y
Repairing web server configuration for the domain
dev.medapartments.com ........................................... [2019-08-09 11:47:44.260] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/httpdmng' '--reconfigure-domain' 'dev.medapartments.com'] with exit code [1]
[FAILED]
- httpdmng failed: [2019-08-09 11:47:42.741] ERR [util_exec]
proc_close() failed ['/usr/local/psa/admin/bin/nginx_control'
'--restart'] with exit code [1]
Can not reload proxy server:
_____________________________________________________

Oh and I tried going to main domain medapartments.com and setting up wildcard lets encrypt which required I add a TXT record, did all that. still browser/server are telling me cert is pointing at different domain. Also enabled tls/ssl in hosting options, check. Also the correct specific subdomain cert is chosen in pulldown for certs in hosting.
 
Now I see that the nginx reverse proxy server is not started and will not start with this error:
Unable to start service: Unable to manage service by nginxmng: ('start', 'nginx'). Error: [2019-08-10 15:43:28.633] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/nginx_control' '--start'] with exit code [1] Can not start proxy server:

Any ideas on how to fix that? thank you
 
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
 
/var/log/messages


Aug 10 15:51:06 u17483829 named[21888]: client 123.232.112.70#14885: query (cache) '0531ggt.com/A/IN' denied
Aug 10 15:51:23 u17483829 xinetd[3203]: START: smtp pid=25731 from=::ffff:185.234.218.238
Aug 10 15:51:26 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25731 duration=3(sec)
Aug 10 15:52:23 u17483829 xinetd[3203]: START: smtp pid=25735 from=::ffff:185.234.219.193
Aug 10 15:52:26 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25735 duration=3(sec)
Aug 10 15:55:12 u17483829 xinetd[3203]: START: smtp pid=25753 from=::ffff:193.169.252.212
Aug 10 15:55:14 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25753 duration=2(sec)
Aug 10 15:55:37 u17483829 named[21888]: client 74.208.2.6#60721: zone transfer 'hmsys.biz/AXFR/IN' denied
Aug 10 15:55:40 u17483829 xinetd[3203]: START: smtp pid=25757 from=::ffff:185.234.219.192
Aug 10 15:55:43 u17483829 xinetd[3203]: EXIT: smtp status=1 pid=25757 duration=3(sec)
 
tail /var/log/nginx/error.log

Oh, OK so this must indicate same issue with port 80 and 443 as well

2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 15:43:25 [emerg] 25219#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
 
/usr/local/psa/admin/sbin/nginxmng -d

[2019-08-10 16:15:39.954] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/nginx_proxy' '--off' '--port-map' '7080:80,7081:443'] with exit code [255]
disabling nginx proxy failed :
255 /usr/local/psa/admin/sbin/pleskrc execution failed:

aye yi yi, the sites are down now with Gateway 500

/usr/local/psa/admin/sbin/nginxmng -e

And the sites are back up, whew...
 
Then I still could not start proxy server.
I unchecked Passenger and Python Apache modules as thought something might conflict as I see passenger.conf in nginx.
Did all the above again nginxmng -d
Still failed
nginxmng -e succeeds and sites are up
 
nginx error log, yet netstat says only nginx is listening to port 80


2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.195.137:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.205.197:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.226.18:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.166.153:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to 74.208.201.47:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:80 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: bind() to [2607:f1c0:846:d600::3f:8d49]:443 failed (98: Address already in use)
2019/08/10 18:24:05 [emerg] 16171#0: still could not bind()
 
netstat -plnt | grep ':80'
tcp 0 0 74.208.201.47:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.226.18:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.205.197:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.166.153:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 74.208.195.137:80 0.0.0.0:* LISTEN 21264/nginx
tcp 0 0 2607:f1c0:846:d600::3f:8:80 :::*
 
You must log in or register to reply here.

Similar threads

D
Issue Lets Encrypt Not Successful over port 80
Replies
8
Views
485
Daiv
D
Hangover2
Forwarded to devs SSL It! breaks renewal and usage of Let's Encrypt wildcard certificates when subdomains are involved
2
Replies
29
Views
6K
Hangover2
Hangover2
Azurel
Resolved Mail for "Let`s Encrypt certificates for ***** have been issued/renewed" missing?
Replies
2
Views
316
Azurel
Azurel
J
Resolved WordPress Network setup on Alias -- how to add alternative domains with Lets Encrypt SSL Certs?
Replies
3
Views
418
joell
J
Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
3K
Peter Debik
P
Back
Top