- Plesk Onyx for Linux
Nginx is enabled and is used as web proxy in combination with Apache:
# /usr/local/psa/admin/bin/nginxmng -s
Nginx service cannot start. Error in
/var/log/messages(for RedHat, CentOS, CloudLinux) or in
/var/log/syslog(for Ubuntu, Debian):
CONFIG_TEXT: nginx: [emerg] BIO_new_file("/usr/local/psa/var/certificates/certXXXXXXX") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/psa/var/certificates/certXXXXXXX','r') error:2006D080:BIO routines:BIO_new_file:no such file)
Similar error is shown in Plesk GUI:
PLESK_ERROR: New configuration files for the Apache web server were not created due to the errors in configuration templates: nginx: [emerg] BIO_new_file("/usr/local/psa/var/certificates/certXXXXXXX") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/psa/var/certificates/certXXXXXXX','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx: configuration file /etc/nginx/nginx.conf test failed.
PLESK_ERROR: New configuration files for the Apache web server were not created due to the errors in configuration templates: nginx: [emerg] PEM_read_bio_X509_AUX("/usr/local/psa/var/certificates/XXXXXXX") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE) nginx: configuration file /etc/nginx/nginx.conf test failed.
Certificate file reported in the error is missing from the directory
# ls -la /opt/psa/var/certificates/ | grep certXXXXXXX
Apache service is up and running, it may be listening on ports 7080/7081 or 80/443:
# netstat -tlpn | grep -E ":7080|:7081|:80|:443" | grep -E "apache|httpd"
tcp 0 0 0.0.0.0:7080 0.0.0.0:* LISTEN 692/apache2
tcp 0 0 0.0.0.0:7081 0.0.0.0:* LISTEN 692/apache2
Website is not accessible:
CONFIG_TEXT: Unable to connect
Can't establish a connection to the server at example.com
Domain example.com may not exist in Plesk:
# plesk bin domain -l | grep example.com
Some websites hosted in Plesk may show the Plesk default page, web-server page or webmail login page.
- Webmail is opened instead of website itself while accessing example.com.
SSL certificate changes are not applied to nginx configuration files.
- Log in to Plesk
- Open Extensions > My Extensions > Webserver Configurations Troubleshooter > Open
- Click the arrow near search bar, filter the configuration files by status "Error" and click Search:
- Select the configuration files for non-existing domain and click Remove:
- Re-create web configuration files server-wide by clicking Rebuild button and select All:
Log in to Plesk server via SSH as root user.
Disable nginx service to temporarily switch all websites to Apache and remove the impact:
# /usr/local/psa/admin/bin/nginxmng -d
Search for all configuration files loading configuration file mentioned in the error message:
# grep -R certXXXXXXX /etc/nginx/
/etc/nginx/plesk.conf.d/vhosts/example.com.conf: ssl_certificate /usr/local/psa/var/certificates/certXXXXXXX;
/etc/nginx/plesk.conf.d/webmails/webmail.example.com.conf: ssl_certificate /usr/local/psa/var/certificates/certXXXXXXX;
Move all soft links to broken configuration files from the directories
# mv /etc/nginx/plesk.conf.d/vhosts/example.com.conf /
# mv /etc/nginx/plesk.conf.d/webmails/webmail.example.com.conf /
Check if any other misconfigurations remained:
# nginx -t
If there are more orphaned files remained, repeat the 3rd step, but with the new certificate name which appears in the error.
Once the nginx configuration test is successful, rebuild web server configuration:
# plesk bin repair --reconfigure-ssl-certificates
# plesk repair web -y
Warning: To avoid errors on Debian systems, replace "NGINX_ENABLED=no" with NGINX_ENABLED=yes in /etc/default/nginx
# /usr/local/psa/admin/bin/nginxmng -e