Applicable to:
- Plesk for Linux
Symptoms
-
After upgrading Plesk a scheduled task of the type Run a command with a cURL request created in Subscriptions > example.com > Scheduled Tasks fails with the error:
PLESK_ERROR: Task "curl -m 15 https://www.example.com/maintenance/cron.php" completed with error in 0 seconds, output:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs -
If the option Domains > example.com > Web Hosting Access > Access to the server over SSH for the subscription's system user is set to /bin/bash (chrooted), executing a curl command in the chrooted shell fails with the same error:
MYSQL_LIN: $ curl https://google.com
curl: (77) error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
Cause
The CA certificates are not added into the chrooted environment.
Resolution
-
Connect to the server using SSH.
-
Create directories for CA certificates in the chroot template:
# mkdir -p /var/www/vhosts/chroot/etc/ssl/certs/
# mkdir -p /var/www/vhosts/chroot/usr/share/ca-certificates/ -
Copy the CA certificates to those directories:
# cp -a /etc/ssl/certs/* /var/www/vhosts/chroot/etc/ssl/certs/
# cp -a /usr/share/ca-certificates/* /var/www/vhosts/chroot/usr/share/ca-certificates/ -
Update the chroot template by running below commands one by one:
# curl -o update-chroot.sh https://raw.githubusercontent.com/plesk/kb-scripts/master/update-chroot/update-chroot.sh
# chmod 700 update-chroot.sh
# ./update-chroot.sh --apply all
Change the shell for executing scheduled tasks:
-
In Plesk interface: go to Tools & Settings > Scheduled Tasks > Settings, change the parameter Crontab shell to /bin/bash, and click OK or Apply to save the changes.
-
# plesk bin server_pref -u -crontab-secure-shell "/bin/bash"
Comments
0 comments
Please sign in to leave a comment.