Resolved Reverse Proxy server (Nginx) won't start after renewing a domains certificate

[Quinten]

Hello,

Yesterday i renewed a certificate for a domain and suddenly all the websites on the server went down.
After a bit i got apache to run but not the reverse proxy server nginx.

I get this error:

Unable to start service: Unable to manage service by nginxmng: ('start', 'nginx'). Error: [2022-05-19 10:10:52.436] ERR [util_exec] proc_close() failed ['/opt/psa/admin/bin/nginx_control' '--start'] with exit code [1] Can not start proxy server: /opt/psa/admin/sbin/nginx-config execution failed: nginx: [emerg] cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY) nginx: configuration file /etc/nginx/nginx.conf test failed

After reading some other posts about this i tried a few things already:

- Tried rereading the IP
- Tried copying an existing certificate and changing the name to the one mentioned in error, no luck
- Tried using the web repair
- Tried disabling and renabling but doe not work

• /usr/local/psa/admin/bin/nginxmng --disable
• /usr/local/psa/admin/bin/nginxmng --enable

- Tried restoring backup form Plesk and of the Server but that also did not work.

Could anyone provide more help and insight in this please?

Nginx error log:

2022/05/19 07:55:17 [emerg] 30338#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 07:56:52 [emerg] 31477#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 08:05:34 [emerg] 13230#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 08:05:35 [emerg] 13254#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 09:19:54 [emerg] 20409#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 09:38:35 [emerg] 22735#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 09:56:26 [emerg] 24844#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 09:57:24 [emerg] 25159#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)
2022/05/19 10:10:52 [emerg] 27298#0: cannot load certificate key "/opt/psa/var/certificates/cert-XzfWMF": PEM_read_bio_PrivateKey() failed (SSL: error:0906D06CEM routinesEM_read_bio:no start line:Expecting: ANY PRIVATE KEY)

 

[Maarten.]

Hi,

Have you seen this support page?

https://support.plesk.com/hc/en-us/articles/360035348014-Error-displayed-in-Plesk-Home-page-nginx-emerg-cannot-load-certificate-key-usr-local-psa-var-certificates-scfNvuszu-

 

[Quinten]

Hi,

Have you seen this support page?

https://support.plesk.com/hc/en-us/articles/360035348014-Error-displayed-in-Plesk-Home-page-nginx-emerg-cannot-load-certificate-key-usr-local-psa-var-certificates-scfNvuszu-

Hey thanks for the reply,

egrep -Rl scfNvuszu /etc/nginx/ 2> /dev/null running this command gives me nothing back

 

[Quinten]

Hey thanks for the reply,

egrep -Rl scfNvuszu /etc/nginx/ 2> /dev/null running this command gives me nothing back

Sorry i see my mistake now.

I did what the thread said except disabling it.

Now if i want to start it i get

Unable to start service: Unable to manage service by nginxmng: ('start', 'nginx'). Error: [2022-05-19 11:12:00.741] ERR [util_exec] proc_close() failed ['/opt/psa/admin/bin/nginx_control' '--start'] with exit code [1] Can not start proxy server:

 

[Maarten.]

Please check the logs for errors:
/var/log/messages
/var/log/syslog
/var/log/nginx/error.log

Also, check if port 80 is already in use by another process:

# netstat -plnt | grep ':80'

 

[Quinten]

Please check the logs for errors:
/var/log/messages
/var/log/syslog
/var/log/nginx/error.log

Also, check if port 80 is already in use by another process:

# netstat -plnt | grep ':80'

Thanks for your reply.

/var/log/messages is empty
/var/log/syslog has alot of mail related logs but do not see anything else for now
/var/log/nginx/error.log sais some warning abouts server name conflicting but they are being ignored

to netstat -plnt | grep ':80'

tcp6 0 0 :::80 :::* LISTEN 1220/apache2

 

[Maarten.]

Please try these steps to auto-correct the issue:
# /usr/local/psa/admin/sbin/nginxmng -d
# /usr/local/psa/admin/sbin/nginxmng -e

This will reconfigure all Apache and Nginx web server configuration files, and set the Apache configuration to ports 7080 and 7081.

 

[Quinten]

Thank you Maarten it seems to now be up and running!