Unable to start nginx: SSLCertificateFile: file does not exist or is empty

kb: bug Plesk for Linux

Applicable to:

  • Plesk for Linux

Symptoms

  • The following error is shown in Plesk:

    Template_Exception: nginx: [emerg] cannot load certificate "/usr/local/psa/var/certificates/XXXX": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/psa/var/certificates/scfcUPC5w','r') error:2006D080:BIO routines:BIO_new_file:no such file)
    nginx: configuration file /etc/nginx/nginx.conf test failed

  • Cannot start nginx:

    # service nginx restart
    Restarting nginx (via systemctl): Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

  • nginx configuration is broken:

    # nginx -t
    nginx: [emerg] cannot load certificate "/usr/local/psa/var/certificates/XXXX": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/psa/var/certificates/XXXX','r') error:2006D080:BIO routines:BIO_new_file:no such file)

  • Private key is missing in the certificate file mentioned in the error message:

    # grep "PRIVATE KEY" /usr/local/psa/var/certificates/XXXX

Cause

Corrupted SSL certificate.

If any customer faces the same issue, we should perform the following steps:

  • Ask the customer to upgrade to the latest Plesk version (fixes were made in Plesk 18.0.53).

  • If the problem still occurs, enable the debug log and ask the customer to come back as soon as the problem recurs. This kind of problem cannot be investigated without Plesk debug logs. It is better to copy the logs covering the problem timeframe to a separate location, to avoid log rotation. The investigation can take a lot of time.

  • Create a 3rd-line ticket for log analysis by the Core team.

Resolution

  1. Connect to the server via SSH

  2. Repair the SSL certificates:

    # plesk repair web -sslcerts

Should the solution above not help:

1. Log in to Plesk via SSH

2. Identify default Plesk certificate file name:

# plesk db "select id,cert_file,ca_file,name from certificates where name like '%default%'"
+----+-------------+---------+---------------------+
| id | cert_file | ca_file | name |
+----+-------------+---------+---------------------+
| 2 | certwW8DCMw | | default certificate |
+----+-------------+---------+---------------------+

3. Replace the corrupted certificate with the default one, using the cert_file value found in the previous step:

# cp /usr/local/psa/var/certificates/certwW8DCMw /usr/local/psa/var/certificates/XXXX

4. Re-enable nginx:

# /usr/local/psa/admin/bin/nginxmng -d

# /usr/local/psa/admin/bin/nginxmng -e
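The private-key check from Symptoms, extended to every certificate file the nginx configuration references, so that other broken files are found before the next restart. This is an added example, not part of the original article or of Plesk tooling; the function names are hypothetical, and it assumes each file holds both the private key and the certificate in PEM form, as the grep check in Symptoms implies.

```shell
#!/bin/sh
# Added example (not Plesk code): list certificate files nginx references but cannot use.

# Print one status word for a PEM file: missing | empty | no-key | no-cert | ok
# Assumption: the file holds both the private key and the certificate.
cert_file_status() {
    [ -e "$1" ] || { echo missing; return 0; }
    [ -s "$1" ] || { echo empty; return 0; }
    grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$1" || { echo no-key; return 0; }
    grep -q -e '-----BEGIN CERTIFICATE-----' "$1" || { echo no-cert; return 0; }
    echo ok
}

# List unique paths named by ssl_certificate / ssl_certificate_key directives
# in the given config files or directories.
nginx_cert_paths() {
    grep -rhE '^[[:space:]]*ssl_certificate(_key)?[[:space:]]' "$@" 2>/dev/null |
        awk '{ gsub(/[";]/, "", $2); print $2 }' | sort -u
}

# Print "<status> <path>" for every unusable file; return 1 if any was found.
audit_nginx_certs() {
    audit_rc=0
    audit_paths=$(nginx_cert_paths "$@")
    while IFS= read -r audit_path; do
        [ -n "$audit_path" ] || continue
        audit_status=$(cert_file_status "$audit_path")
        if [ "$audit_status" != ok ]; then
            printf '%s %s\n' "$audit_status" "$audit_path"
            audit_rc=1
        fi
    done <<EOF
$audit_paths
EOF
    return "$audit_rc"
}

# Constructed sample: one config naming an empty file and a missing file.
demo() {
    demo_dir=$(mktemp -d) && : > "$demo_dir/XXXX"
    printf 'ssl_certificate %s/XXXX;\nssl_certificate_key %s/gone;\n' \
        "$demo_dir" "$demo_dir" > "$demo_dir/site.conf"
    demo_rc=0; audit_nginx_certs "$demo_dir/site.conf" || demo_rc=$?
    rm -rf "$demo_dir"; return "$demo_rc"
}

# With arguments, audit those config paths (e.g. /etc/nginx); otherwise run the demo.
if [ "$#" -gt 0 ]; then audit_nginx_certs "$@"; else demo || true; fi
```

A non-zero exit status means at least one referenced file would make nginx -t fail or lacks its private key.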
