Issue Plesk 12 --> 17 update --> Panel Problem

[futureweb]

Hello,

I just upgraded one of our Plesk 12 Servers to Onyx.
After the upgrade "sw_cp_server" Service refused to start (Starting sw_cp_server service... failed) ... checked all Logs but they did not indicate any Problem ... after some deeper investigation I found out that "ssl_ciphers" was set twive within sw-cp-server configs - and that this caused the startup problem ... (/var/log/plesk/sw-cp-server/error_log - 2017/02/06 18:30:16 [emerg] 6944#0: "ssl_ciphers" directive is duplicate in /etc/sw-cp-server/conf.d/ssl.conf:1)
If I remember right this change was suggest because of POODLE Attack?!? (not 100% sure)

CT-361-bash-4.1# grep -ri "ssl_ciphers" /etc/sw-cp-server/conf.d/*
/etc/sw-cp-server/conf.d/pci-compliance.conf:#ssl_ciphers HIGH:!aNULL:!MD5;
/etc/sw-cp-server/conf.d/ssl.conf:ssl_ciphers HIGH:!aNULL:!MD5;

Would be good if installer would check for such Problems ...

Bye from Austria
Andreas

 

[IgorG]

As possible workaround just comment ssl_ciphers in /etc/sw-cp-server/conf.d/ssl.conf:

# grep ssl_ciphers /etc/sw-cp-server/conf.d/ssl.conf

#ssl_ciphers HIGH:!aNULL:!MD5;

 

[futureweb]

Hi Igor,
already commented out one. (commented pci-compliance.conf - would it better to comment ssl.conf??)
Mainly made this Thread to help others if they encounter this problem - and to alert you of this potential issue
Andreas

 

[Darren Edwards]

Have just come across this on our server;

Commented out as follows
#ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_prefer_server_ciphers on;

As both were in the pci-compliance.conf file