• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Upgrade Almalinux 8 to 9 with Plesk installed

A

ansgar

New Pleskian
Server operating system version
Almalinux 8.9
Plesk version and microupdate number
18.0.59
I am researching on how to upgrade my VPS with Almalinux 8 to Almalinux 9. I am using LEAPP (ELevate Quickstart Guide | AlmaLinux Wiki)

The pre-upgrade check fails with the following message: Detected RPMs with RSA/SHA1 signature
As it turns out, these RPMs are Plesk packages. Here is a snippet from the log:

Code: 
 cat /var/log/leapp//leapp-report.txt
Risk Factor: high (inhibitor)
Title: Detected RPMs with RSA/SHA1 signature
Summary: Digital signatures using SHA-1 hash algorithm are no longer considered secure and are not allowed to be used on RHEL 9 systems by default. This causes issues when using DNF/RPM to handle packages with RSA/SHA1 signatures as the signature cannot be checked with the default cryptographic policy. Any such packages cannot be installed, removed, or replaced unless the signature check is disabled in dnf/rpm or SHA-1 is enabled using non-default crypto-policies. For more information see the following documents:
  - Major changes in RHEL 9: https://red.ht/rhel-9-overview-major-changes
  - Security Considerations in adopting RHEL 9: https://red.ht/rhel-9-security-considerations
 The list of problematic packages:
    - pp18.0.59-bootstrapper (DSA/SHA1, Mon 26 Feb 2024 11:08:54 PM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-libboost-locale1.80 (DSA/SHA1, Mon 05 Sep 2022 10:44:52 AM UTC, Key ID bd11a6aa914bdf7e)
    - psa-mail-driver-common (DSA/SHA1, Mon 26 Feb 2024 11:09:06 PM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-dovecot-core (DSA/SHA1, Mon 26 Feb 2024 11:09:04 PM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-config-troubleshooter (DSA/SHA1, Mon 26 Feb 2024 11:09:04 PM UTC, Key ID bd11a6aa914bdf7e)
    - psa-updates (DSA/SHA1, Thu 12 Oct 2023 08:11:21 AM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-libboost-iostreams1.80 (DSA/SHA1, Mon 05 Sep 2022 10:44:53 AM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-libboost-system1.82 (DSA/SHA1, Tue 23 May 2023 09:44:54 AM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-libpoco-1.12.4 (DSA/SHA1, Sat 06 May 2023 12:08:56 PM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-php82-pdo (DSA/SHA1, Sun 17 Mar 2024 09:42:52 AM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-php83-mysql (DSA/SHA1, Fri 15 Mar 2024 02:16:54 PM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-php82-enchant (DSA/SHA1, Sun 17 Mar 2024 09:42:56 AM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-python3-regex (DSA/SHA1, Mon 24 Apr 2023 03:59:55 PM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-php82-opcache (DSA/SHA1, Sun 17 Mar 2024 09:42:57 AM UTC, Key ID bd11a6aa914bdf7e)
    - plesk-ruby3.0.5 (DSA/SHA1, Wed 07 Feb 2024 11:55:16 AM UTC, Key ID bd11a6aa914bdf7e)
etc etc

According to release notes of Almalinux 9, packages signed with SHA1 are not supported anymore.

How do I change the Plesk packages to be signed with SHA256 or higher?
 
A direct upgrade from Alma 8 to Alma 9 is not yet supported. You have at least four more years from now until an update becomes necessary. Plesk will very likely provide an upgrade path within the next years. If you wish to switch to Alma 9, please setup a new server and use Plesk Migrator to migrate the existing installation to the new server.
 
Peter Debik said:
A direct upgrade from Alma 8 to Alma 9 is not yet supported. You have at least four more years from now until an update becomes necessary. Plesk will very likely provide an upgrade path within the next years. If you wish to switch to Alma 9, please setup a new server and use Plesk Migrator to migrate the existing installation to the new server.
Click to expand...
Thanks Peter for your response. Hopefully it will be sooner then later :) I like to be prepared.
 
AlmaLinux 8 > AlmaLinux 9 dist-upgrade support has not been introduced yet. Unfortunately, I cannot provide any ETA on when a script will be released yet. At this point, you can consider a migration to a fresh AlmaLinux 9 server.
 
You must log in or register to reply here.

Similar threads

GSMPRO
Question Trying To Install Plesk On AlmaLinux 9
Replies
4
Views
2K
GSMPRO
GSMPRO
U
Resolved NO_PUBKEY BD11A6AA914BDF7E
2
Replies
23
Views
17K
We are Borg
We are Borg
S
Issue Plesk 18.0.64 Restore failing
Replies
1
Views
693
Sebahat.hadzhi
Sebahat.hadzhi
D
Issue Unable to open Plesk webpage Apollo error code 400 /cp/javascript/vendors.js:9
Replies
0
Views
533
dumby
D
S
Issue MariaDB 10.5 to 10.11 upgrade failure on AlmaLinux 9.5
Replies
3
Views
2K
sder
S
Back
Top