• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue SSLCACertificateFile: file '/opt/psa/var/certificates/cert-k1Xu9H' does not exist or is empty

C

Christian C

New Pleskian
Hello,

I've got a Problem with my webserver-configuration.

It's a german message shown in "Webserver Configurations Troubleshooter":

Fehler: Aufgrund von Fehlern in den Konfigurations-Templates konnten keine neuen Konfigurationsdateien für den Apache Webserver erstellt werden: AH00526: Syntax error on line 80 of /etc/apache2/plesk.conf.d/webmails/XXXXXX.de_webmail.conf: SSLCACertificateFile: file '/opt/psa/var/certificates/cert-k1Xu9H' does not exist or is empty.

The file exist and isn't empty. The right of the file show normal like the other ones.

Plesk repair on commandline ends without errors.

I've tried to renew all certificates and to change between LetsEncrypt and an bought certificate.


Plesk 17.8.11
Ubuntu 16.04

What can I do to fix?
 
This is a frequent error we are also seeing serveral times daily on all hosts. It is definitely a bug, but difficult to report, because it is not reproduceable manually. Probably a race condition somewhere in the code, because the web server configuration files are created, tested and activated before the SSL certificate file is in place. It is an absolutely annoying issue, because some times when a hard web server restart (the real restart, not the graceful reload) is executed afterwards, the web server stops and cannot be restarted until manual intervention.

The issue is for sure not linked to Cloudflare.

To get it working again:
Identify the domain given in /etc/apache2/plesk.conf.d/webmails/XXXXXX.de_webmail.conf (the XXXXXX.de part).
In the GUI go to that domain, select the default SSL certificate in hosting settings and no certificate in mail settings (if any).
Then go the the SSL icon and remove the existing Let's Encrypt certificate (if any).
Then click on the Let's Encrypt icon to create a new certificate.

Then go into web server configurations trouble shooter and reconfigure "Rebuild">"Broken" configuration files. This last step is only needed to remove the error message from Plesk GUI.
 
Peter Debik said:
This is a frequent error we are also seeing serveral times daily on all hosts. It is definitely a bug, but difficult to report, because it is not reproduceable manually. Probably a race condition somewhere in the code, because the web server configuration files are created, tested and activated before the SSL certificate file is in place. It is an absolutely annoying issue, because some times when a hard web server restart (the real restart, not the graceful reload) is executed afterwards, the web server stops and cannot be restarted until manual intervention.

The issue is for sure not linked to Cloudflare.

To get it working again:
Identify the domain given in /etc/apache2/plesk.conf.d/webmails/XXXXXX.de_webmail.conf (the XXXXXX.de part).
In the GUI go to that domain, select the default SSL certificate in hosting settings and no certificate in mail settings (if any).
Then go the the SSL icon and remove the existing Let's Encrypt certificate (if any).
Then click on the Let's Encrypt icon to create a new certificate.

Then go into web server configurations trouble shooter and reconfigure "Rebuild">"Broken" configuration files. This last step is only needed to remove the error message from Plesk GUI.
Click to expand...

Hello and thank you.

It's crazy and I don't understand it.

On plesk repair web -sslcerts in my commandline all other certifications were renewed. The timestamp from this one ist the same like before.
I tried your way, but I doesn't work. If I delete the LetsEncrypt certificate, this file still exists.
In the end I receive the same error in my Configurations Troubleshooter.
It looks like in this file is the CA-Cert for all LetsEncrypt certifications. Could it be?
Because it's allways the same in my domains.
 
Christian C said:
If I delete the LetsEncrypt certificate, this file still exists.
In the end I receive the same error in my Configurations Troubleshooter.
Click to expand...
There is no problem that a file exists. The problem is, that a non-existent file is referenced in the web server configuration.
It is impossible that the problem persists if you have followed the steps I have given above. If the same problem persists, you have not followed all the steps.
 
You must log in or register to reply here.

Similar threads

J
Issue Error: configuration files for the Apache web server were not created
Replies
1
Views
537
Raul A.
R
B
Issue NGINX Issue
Replies
1
Views
2K
Martin Dias
Martin Dias
Quinten
Resolved Reverse Proxy server (Nginx) won't start after renewing a domains certificate
Replies
7
Views
8K
Quinten
Quinten
T
Resolved Problem with certificates after Migration from Debian 9 to Debian 11
Replies
2
Views
1K
Team-Support
T
Bitpalast
Forwarded to devs Changing the host's default certificate does not update cert file references in the web server config files that are using the host cert
Replies
13
Views
5K
RazvanA
R
Back
Top