Applicable to:
- Plesk for Linux
Symptoms
-
nginx fails to start with the following error:
CONFIG_TEXT: [warn] 91333#0: "ssl_stapling" ignored, host not found in OCSP responder "r3.o.lencr.org" in the certificate "/opt/psa/var/certificates/sqfABw7p2"
-
Accessing Domains > example.com > SSL/TLS Certificates in Plesk displays the following error:
PLESK_ERROR: Could not get Mozilla TLS config: cURL error 6 could not resolve host: statics.tls.security.mozilla.org; Unknown error (see https://curl.haxx.se/libcurl/c/libcurl-errors.html).
If ignoring the error message and try issuing a certificate, the following error is provided:
PLESK_ERROR: Detail: Order's status ("pending") is not acceptable for finalization
Cause
Name resolution issue.
Resolution
-
Connect to the server via SSH.
-
Add Google nameserver to
/etc/resolv.conffile:# echo "nameserver 8.8.8.8" >> /etc/resolv.conf
-
If the issue persists re-enable local firewall rules and restart Plesk services:
# systemctl restart sw-engine && systemctl restart sw-cp-server
Note: If the server is running with
systemd-resolvedorNetworkManageradjust the networking configuration manually or contact the hosting provider for assistance.
Comments
3 comments
incomplete information
In my Centos 7.9 it works perfectly!
Thank you so much!!!
Hi,
just want to mention that just restarting helped. But i will not change my own resolver Server in resolv.conf as i need that, to ping the Mail Blacklists without any open Nameservers. In Conclusion it would be good to have other Solutions (often) instead just set Google or Cloudflare Servers.
Please sign in to leave a comment.