Problems with Parallels Plesk Panel-Key-Update

[AlbrechtB]

Hello,

I have a problem, with Parallels Plesk Panel-Key-Update. I always get messages that Parallels Plesk Panel-Key-Update is deferred due to problems . Tried to update it through the panel - I get a "SSL connection error".

I tried the connection with telnet from the command line as described in the kb articles. Connection could be established. And now ? I am now in a kind of grace period with my license and I need help.

Any advice is highly appreciated

Regards, Albrecht

 

[IgorG]

Do you mean this KB article?
http://kb.odin.com/en/6096

 

[AlbrechtB]

No there ws another one telling how to check connection on that port via telnet...

I tried the following:

curl -k https://ka.parallels.com:5224
curl: (35) error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected page

I tried then:

curl -k https://ka.parallels.com:5224 --sslv3
<html><head><title>Apache Tomcat/6.0.18 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 403 - Only PKP XML-RPC requests to /xmlrpc are allowed on the port 5224</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Only PKP XML-RPC requests to /xmlrpc are allowed on the port 5224</u></p><p><b>description</b> <u>Access to the specified resource (Only PKP XML-RPC requests to /xmlrpc are allowed on the port 5224) has been forbidden.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.18</h3></body></html>

My libcurl version is:

libcurl4 cURL shared library version 4 7.19.0

My OS : openSuse 11.1

What shall I do ?

 

[IgorG]

According KB article you should downgrade libcurl.

 

[AlbrechtB]

Igor,

I installed libcurl3-7.15.5. libcurl4-7.19.0 is still add. installed. Can't remove it because it will deinstall then most of the psa-modules. Curl itself is at 7.19.0 .

Downgrade libcurl to versin 7.15.5-1etch1.

Can't do that because I have Suse not Debian.

I restartet and made the tests described in the kb article:

h1605521:~ # curl -k https://ka.parallels.com:5224 -sslv2
* About to connect() to ka.parallels.com port 5224 (#0)
* Trying 64.131.90.38... connected
* Connected to ka.parallels.com (64.131.90.38) port 5224 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv2, Client hello (1):
* error:1406D0CB:SSL routines:GET_SERVER_HELLOeer error no cipher
* Closing connection #0
h1605521:~ #

h1605521:~ # curl -k https://ka.parallels.com:5224 -sslv3
* About to connect() to ka.parallels.com port 5224 (#0)
* Trying 64.131.90.38... connected
* Connected to ka.parallels.com (64.131.90.38) port 5224 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
* subject: /C=US/O=ka.plesk.com/OU=Business Registration: https://services.choicepoint.net/get.jsp?4110196571/OU=See www.geotrust.com/quickssl/cps (c)03/OU=Domain Control Validated/CN=ka.plesk.com
* start date: 2003-08-21 06:21:43 GMT
* expire date: 2004-10-20 06:21:43 GMT
* common name: ka.plesk.com (does not match 'ka.parallels.com')
* issuer: /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET / HTTP/1.1
> User-Agent: curl/7.19.0 (i686-suse-linux-gnu) libcurl/7.19.0 OpenSSL/0.9.8k zlib/1.2.3 libidn/1.10
> Host: ka.parallels.com:5224
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Server: Apache-Coyote/1.1
< Content-Type: text/html;charset=utf-8
< Content-Length: 1159
< Date: Mon, 22 Mar 2010 08:01:53 GMT
<
* Connection #0 to host ka.parallels.com left intact
* Closing connection #0
* SSLv3, TLS alert, Client hello (1):
<html><head><title>Apache Tomcat/6.0.18 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 403 - Only PKP XML-RPC requests to /xmlrpc are allowed on the port 5224</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>Only PKP XML-RPC requests to /xmlrpc are allowed on the port 5224</u></p><p><b>description</b> <u>Access to the specified resource (Only PKP XML-RPC requests to /xmlrpc are allowed on the port 5224) has been forbidden.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/6.0.18</h3></body></html>h1605521:~ #

 

[AlbrechtB]

and here is the rest of what I wanted to say (previous post ran out before I had finished it :

I still get the ssl connect error when running the retrieve key command in plesk panel ?

Regards, Albrecht

 

[AlbrechtB]

... and now today my key is expired ....

Please Help !!

 

[NikoO]

Is there any solution to this problem? I ran into the same and I am not able to downgrade.

Thanks

Derion

 

[David Cottle]

Why are all these damn plesk packages hard codes against specific versions?

Seems openssl and now libcurl.

You should never have to not upgrade or exclude packages due to this

Normally curl and libcurl go together. If everyone built packages like plesk do, one single update means 50 packages need to be rebuilt!

 

[KlausR2020]

Has anyone fixed this issue?

I have the following nightmare on one of our SuSE 11.1 Servers:
- Yast Online Update (YES, never do this if plesk installed) updated libcurl and guess what: Key-Update-Status
SSL connect error

The nightmare continues, if I saw Plesk 9.5... is available. Updated with autoinstaller from console with plesk default key, because I thought, may be the problem is fixed in this version.

Now:
Plesk is unuseable,because it says: SSL connect error

Any Ideas?

Regards, KlausR2020

 

[Christian Gassmann]

Same issue here, waiting for an urgent fix!

OpenSuSE 11.1, Plesk 9.5.1, "ssl connect error" on key update

Regards,
Christian