ssl_ciphers directive is duplicate after 'http2_pref' enable

[Willem Janssen]

After entering command '/usr/local/psa/bin/http2_pref enable' it simply says:

ERR [panel] Apache config (14609715970.61978300) generation failed: Template_Exception: nginx: [emerg] "ssl_ciphers" directive is duplicate in /etc/nginx/conf.d/ssl.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed

file: /usr/local/psa/admin/plib/Template/Writer/Webserver/Abstract.php
line: 75
code: 0
nginx: [emerg] "ssl_ciphers" directive is duplicate in /etc/nginx/conf.d/ssl.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed

The ssl.conf file is empty. What am I doing wrong?

OS: CentOS 6.7
Plesk: 12.5.30 Update 29

Nginx.conf:
#user nginx;
worker_processes 1;

#error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

#pid /var/run/nginx.pid;


events {
worker_connections 1024;
}


http {
include mime.types;
default_type application/octet-stream;
add_header X-Frame-Options SAMEORIGIN;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';

#access_log /var/log/nginx/access.log main;

sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 2;
tcp_nodelay on;

ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384HE-RSA-AES128-GCM-SHA256HE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHAHE-RSA-AES128-SHA256HE-RSA-AES128-SHAHE-DSS-AES128-SHA256HE-RSA-AES256-SHA256HE-DSS-AES256-SHAHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIAES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparam.pem;

gzip on;
gzip_comp_level 2;
gzip_http_version 1.0;
gzip_proxied any;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

# Disable for IE < 6 because there are some known problems
gzip_disable "MSIE [1-6].(?!.*SV1)";

# Add a vary header for downstream proxies to avoid sending cached gzipped files to IE6
gzip_vary on;

server_tokens off;

proxy_buffers 8 32k;
proxy_buffer_size 64k;

add_header Strict-Transport-Security "max-age=31622400; includeSubDomains; preload";
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;

include /etc/nginx/conf.d/*.conf;
}

 

[IgorG]

I hope that this kB article will help - https://kb.plesk.com/en/126774

 

[Willem Janssen]

Thanks!
Tried it but still gives me the 'duplicate' error

 

[IgorG]

Sorry, my mistake, this article is about /etc/sw-cp-server/conf.d/ssl.conf file.
Try to rename file /etc/nginx/conf.d/ssl.conf with

# mv /etc/nginx/conf.d/ssl.conf /etc/nginx/conf.d/ssl.conf.orig

 

[Willem Janssen]

No problem .

Tried it but Plesk still says (after restarting nginx, apache and plesk):

Webserver Configurations Troubleshooter
Error: New configuration files for the Apache web server were not created due to the errors in configuration templates: nginx: [emerg] "ssl_ciphers" directive is duplicate in /etc/nginx/conf.d/ssl.conf:1 nginx: configuration file /etc/nginx/nginx.conf test failed. Search in KB

 

[IgorG]

What about

# plesk repair web

?

 

[Willem Janssen]

Also tried that . It's a really weird error.