Apache fails to start: SSLCertificateFile: file does not exist or is empty

Follow

Comments

2 comments

  • Avatar
    Dan Neuhaus

    And again having this issue on one fully patched server running 17.5.3 Update #30.

    It all started with the migration of one site (lets call it domain-a.de) from Server B to Server A. The IP was not switched over to the new server A on DNS side.

    Obviously for the default plesk certifcate on Server A the Let's Encrypt certificate renewal was due, I received following notification:

    The following Let's Encrypt certificates for Admin <hostname> - xxx.yy.zz.197 (login admin) have been renewed:

     * 'Lets Encrypt certificate'
       - <hostname>.mydomain.de

    Immediately afterwards I received the following email:

    Unable to configure a web server on the host <hostname>.mydomain.de

    Unable to generate the web server configuration file on the host <hostname>.mydomain.de because of the following errors:

    Template_Exception: AH00526: Syntax error on line 48 of /etc/apache2/plesk.conf.d/webmails/domain-a.de_webmail.conf:
    SSLCertificateFile: file '/opt/psa/var/certificates/cert-SArmSQ' does not exist or is empty

    file: /opt/psa/admin/plib/Template/Writer/Webserver/Abstract.php
    line: 75
    code: 0

    Please resolve the errors in web server configuration templates and generate the file again.

    I was sure that a apache restart would fail and in fact shortly after restarting apache manually it failed to work.

    Job for apache2.service failed because the control process exited with error code. See "systemctl status apache2.service" and "journalctl -xe" for details.
    root@<hostname>:~# systemctl status apache2.service
    ? apache2.service - LSB: Apache2 web server
       Loaded: loaded (/etc/init.d/apache2; bad; vendor preset: enabled)
      Drop-In: /lib/systemd/system/apache2.service.d
               +-apache2-systemd.conf
       Active: failed (Result: exit-code) since Do 2017-11-16 20:18:51 CET; 35s ago
         Docs: man:systemd-sysv-generator(8)
      Process: 16840 ExecStop=/etc/init.d/apache2 stop (code=exited, status=0/SUCCESS)
      Process: 25575 ExecReload=/etc/init.d/apache2 reload (code=exited, status=0/SUCCESS)
      Process: 16869 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)
       CGroup: /system.slice/apache2.service
               +-11425 /usr/sbin/apache2 -k start
               +-14062 /usr/sbin/apache2 -k start
               +-14091 /usr/sbin/apache2 -k start

    Nov 16 20:18:51 <hostname>.mydomain.de apache2[16869]:  * The apache2 configtest failed.
    Nov 16 20:18:51 <hostname>.mydomain.de apache2[16869]: Output of config test was:
    Nov 16 20:18:51 <hostname>.mydomain.de apache2[16869]: AH00526: Syntax error on line 36 of /etc/apache2/plesk.conf.d/ip_default/<hostname>.neuha
    Nov 16 20:18:51 <hostname>.mydomain.de apache2[16869]: SSLCertificateFile: file '/opt/psa/var/certificates/cert-SArmSQ' does not exist or
    Nov 16 20:18:51 <hostname>.mydomain.de apache2[16869]: Action 'configtest' failed.
    Nov 16 20:18:51 <hostname>.mydomain.de apache2[16869]: The Apache error log may have more information.
    Nov 16 20:18:51 <hostname>.mydomain.de systemd[1]: apache2.service: Control process exited, code=exited status=1
    root@<hostname>:~# plesk repair web

    Repairing web server configuration

      Reinstall SSL/TLS certificates and set the default certificate for all IP addresses? [Y/n] Y
        Reinstalling SSL/TLS certificates ............................... [OK]
        Applying the default SSL/TLS certificate to all IP addresses .... [OK]

      Repair server-wide configuration parameters for web servers? [Y/n] Y
        Repairing server-wide configuration parameters for web servers .. [2017-11-16 20:21:28] ERR [util_exec] proc_close() failed ['/opt/psa/admin/bin/httpdmng' '--reconfigure-server'] with exit code [1]
    [FAILED]
        - httpdmng failed: [2017-11-16 20:21:27] ERR [util_exec]
          proc_close() failed ['/opt/psa/admin/bin/apache-config' '-t']
          with exit code [1]
          [2017-11-16 20:21:28] ERR [util_exec] proc_close() failed
          ['/opt/psa/admin/bin/apache-config' '-t'] with exit code [1]
          [2017-11-16 20:21:28] ERR [panel] Apache config
          (15108600860.87081400) generation failed: Template_Exception:
          AH00526: Syntax error on line 36 of
          /etc/apache2/plesk.conf.d/ip_default/<hostname>.mydomain.de.conf:
          SSLCertificateFile: file
          '/opt/psa/var/certificates/cert-SArmSQ' does not exist or is
          empty

          file:
          /opt/psa/admin/plib/Template/Writer/Webserver/Abstract.php
          line: 75
          code: 0
          AH00526: Syntax error on line 36 of
          /etc/apache2/plesk.conf.d/ip_default/<hostname>.mydomain.de.conf:
          SSLCertificateFile: file
          '/opt/psa/var/certificates/cert-SArmSQ' does not exist or is
          empty

    The repair worked out at the end but it's quite frustrating to have this error again and again and again on fully patched servers where the issue should be resolved according to another KB article.

     

  • Avatar
    Bulat Tsydenov

    @Dan, I think you faced a bug which is described in the following article - https://support.plesk.com/hc/en-us/articles/115003198773 

Please sign in to leave a comment.

Have more questions? Submit a request