Facebook
Twitter
Securing Plesk and Mail with Letsencrypt was working flawless for more than a year.
Today the main Certificate protecting Plesk and mail could not be renewed. The Error:
---
Command 'certmng' failed with exit code 1, stdout: certmng: Unable to open file "/run/lock/files/f50b0e54147637265953a84afbd5ef19": No such file or directory.
System error 2: No such file or directory
certmng: Error occurred while locking the file /opt/psa/admin/conf/httpsd.pem
System error 2: No such file or directory
certmng: Unable to copy certificate file /opt/psa/var/modules/letsencrypt/tmp/cp-h6ikdM: No such file or directory
System error 2: No such file or directory
, stderr: certmng: Unable to open file "/run/lock/files/f50b0e54147637265953a84afbd5ef19": No such file or directory.
System error 2: No such file or directory
certmng: Error occurred while locking the file /opt/psa/admin/conf/httpsd.pem
System error 2: No such file or directory
certmng: Unable to copy certificate file /opt/psa/var/modules/letsencrypt/tmp/cp-h6ikdM: No such file or directory
System error 2: No such file or directory
---
- The lock file does not exist
- /opt/psa/var/modules/letsencrypt/tmp/cp-h6ikdM does exist, owned by psaadm only readable
- /opt/psa/admin/conf/httpsd.pem did not exist
I created httpsd.pem (openssl req -new -nodes -x509 -out httpsd.pem -newkey rsa:2048 -keyout httpsd.pem -days 3650)
and changed the owner to psaadm
saadm
Then tried to change the used certificate in plesk - tools - ssl/tls. Same error as above and httpsd.pem is deleted.
After that i recreated httpsd.pem and tried to renew the letsencrypt certificate - rate limit.
crt.sh does only show 2 renewals today and 4 on 2019-01-25 - i have no idea why there are 4 renewals but it have been 4 for every renewal since may 2018.
I then disabled the task renewing the certificates.
EDIT:
I noticed an error Message concerning backups. Unable to open file /run/lock/files/backup_encrypt.lock
/run/lock/files involved again
I followed the steps in "Various actions fail in Plesk with Fail2Ban installed after server reboot: Unable to open file /run/lock/files/, There is no directory /var/run/" (can not paste the link)
I was then able to change between existing certificates again. I did not try to renew letsencrypt certificates yet, i will wait to avoid the limit.
END EDIT
Not sure if it is important, but i want to mention
The first Problem i had with letsencrypt on the same machine:
I reactivated a subdomain secured by letsencrypt that was disabled for a few months. That subdomain could not be renewed. Reason was the rate limit.
crt.sh does show that there was not 1 renewal every 2 month as before but 10 renewals every 7 days. I was not able to fix the problem, but since it was an unimportant subdomain i deactivated it again and used another one.
Today the main Certificate protecting Plesk and mail could not be renewed. The Error:
---
Command 'certmng' failed with exit code 1, stdout: certmng: Unable to open file "/run/lock/files/f50b0e54147637265953a84afbd5ef19": No such file or directory.
System error 2: No such file or directory
certmng: Error occurred while locking the file /opt/psa/admin/conf/httpsd.pem
System error 2: No such file or directory
certmng: Unable to copy certificate file /opt/psa/var/modules/letsencrypt/tmp/cp-h6ikdM: No such file or directory
System error 2: No such file or directory
, stderr: certmng: Unable to open file "/run/lock/files/f50b0e54147637265953a84afbd5ef19": No such file or directory.
System error 2: No such file or directory
certmng: Error occurred while locking the file /opt/psa/admin/conf/httpsd.pem
System error 2: No such file or directory
certmng: Unable to copy certificate file /opt/psa/var/modules/letsencrypt/tmp/cp-h6ikdM: No such file or directory
System error 2: No such file or directory
---
- The lock file does not exist
- /opt/psa/var/modules/letsencrypt/tmp/cp-h6ikdM does exist, owned by psaadm only readable
- /opt/psa/admin/conf/httpsd.pem did not exist
I created httpsd.pem (openssl req -new -nodes -x509 -out httpsd.pem -newkey rsa:2048 -keyout httpsd.pem -days 3650)
and changed the owner to psaadm
saadmThen tried to change the used certificate in plesk - tools - ssl/tls. Same error as above and httpsd.pem is deleted.
After that i recreated httpsd.pem and tried to renew the letsencrypt certificate - rate limit.
crt.sh does only show 2 renewals today and 4 on 2019-01-25 - i have no idea why there are 4 renewals but it have been 4 for every renewal since may 2018.
I then disabled the task renewing the certificates.
EDIT:
I noticed an error Message concerning backups. Unable to open file /run/lock/files/backup_encrypt.lock
/run/lock/files involved again
I followed the steps in "Various actions fail in Plesk with Fail2Ban installed after server reboot: Unable to open file /run/lock/files/, There is no directory /var/run/" (can not paste the link)
I was then able to change between existing certificates again. I did not try to renew letsencrypt certificates yet, i will wait to avoid the limit.
END EDIT
Not sure if it is important, but i want to mention
The first Problem i had with letsencrypt on the same machine:
I reactivated a subdomain secured by letsencrypt that was disabled for a few months. That subdomain could not be renewed. Reason was the rate limit.
crt.sh does show that there was not 1 renewal every 2 month as before but 10 renewals every 7 days. I was not able to fix the problem, but since it was an unimportant subdomain i deactivated it again and used another one.
Last edited:
