Applicable to:
- Plesk for Linux
- Plesk for Windows
Symptoms
-
Plesk interface is slow. Time to First byte (TTFB) when loading some Plesk pages is very big but server resources are fine.
-
License, WordPress plugin or Plesk extension installation fails with one of the following errors:
PLESK_ERROR: Error: cURL cannot communicate with license server https://id-00.kaid.plesk.com:5224/ (): Couldn't connect to server(7)
cURL cannot communicate with license server https://id-00.kaid.plesk.com:5224/ (): Couldn't resolve host name(6)PLESK_ERROR: cURL cannot communicate with license server https://id-00.kaid.plesk.com:443/ (195.214.233.82): SSL connect error(35) cURL cannot communicate with license server https://id-00.kaid.plesk.com:443/ (): Couldn't resolve host name(6) (Error code: 2)
PLESK_ERROR: Error: No properly formed ip addresses
PLESK_ERROR: Error: The license key is invalid. In order to use Plesk, you need to obtain and install a new valid license key. Your license key has expired. To continue using your Plesk, you must purchase a non-expiring commercial license key. Error: cURL cannot communicate with license server https://id-00.kaid.swsoft.com:5224/ (): Failed to connect to id-00.kaid.swsoft.com port 5224: Bad access(7) cURL cannot communicate with license server https://id-00.kaid.swsoft.com:5224/ (): Could not resolve host: id-00.kaid.swsoft.com(6)
PLESK_ERROR: ERR [panel] KeyUpdate Result additional information: cURL verbose output: * Trying 195.214.233.80... * connect to 195.214.233.80 port 5224 failed: Bad access * Failed to connect to ka.plesk.com port 5224: Bad access * Closing connection 0
PLESK_ERROR: cURL cannot communicate with license server https://ka.plesk.com/xmlrpc(): Failed to connect to ka.plesk.com port 443: Timed out(7)
cURL cannot communicate with license server https://ka.plesk.com/xmlrpc(): Could not resolve host: ka.plesk.com(6) -
One of the following symptoms is true:
-
Cannot connect to
ka.plesk.com
usingtelnet
utility:# telnet ka.plesk.com 443
Trying 195.214.233.80...
telnet: Unable to connect to remote host: Connection refusedOR
# telnet ka.plesk.com 443
Trying 195.214.233.80...
telnet: connect to address 195.214.233.80: Connection timed out
Trying 195.214.233.81...
telnet: connect to address 195.214.233.81: Connection timed out
Trying 195.214.233.82...
telnet: connect to address 195.214.233.82: Connection timed out -
cURL HTTPS request fails with:
# curl --insecure https://ka.plesk.com:443
curl: (35) TCP connection reset by peer -
# curl https://ka.plesk.com:443 -v
...
* Connected to ka.plesk.com (195.214.233.81) port 443 (#0)
...
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
...
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to ka.plesk.com:443
...
curl: (35) Unknown SSL protocol error in connection to ka.plesk.com:443 -
Or:
PS > New-Object System.Net.Sockets.TcpClient("ka.plesk.com", 443)
Client : System.Net.Sockets.Socket
Available : 0
Connected : False
-
Cause
Outgoing connections to the Key Administration server are blocked by a local or intermediate firewall.
Resolution
- Log into Plesk;
- Go to Tools & Settings > Updates & Upgrades. In the extensions section, select Plesk Firewall for installation.
- After installation, go to Tools & Settings > Firewall > Enable Firewall Rules Management > Enable;
- By default, Plesk Firewall gets activated with the default list of rules, and connection to 5224 and 443 is allowed by default. Make sure there is the following line in Plesk Firewall set to be allowed:
If the connection is still not successful, contact network administrator or server owner in order to allow connection to all of those IPs/ports in a server and intermediary (or third-party) firewall.
-
Connect to the server via SSH;
-
Add the following rules to the local firewall. For example, using
iptables
:# iptables -I OUTPUT -p tcp -d 195.214.233.80,195.214.233.81,195.214.233.82 -m multiport --dports 443,5224 -j ACCEPT
# iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
If the connection is still not successful, contact network administrator or server owner in order to allow connection to all of those IPs/ports in a server and intermediary (or third-party) firewall.
If using Amazon AWS, visit this article to learn how to open the connection to a port and IP address.
- Log in to Google Cloud account;
- Navigate to VPC network > Firewall rules > Create firewall rule;
- Set Direction of traffic to be Egress.
Set Action on match to be Accept.
Set Targets to be All instances in the network; - Allow access to ka.plesk.com by setting Destination IP ranges field to 195.214.233.80;
Repeat this step for 195.214.233.81 and 195.214.233.82. - Set Protocols and ports field to be tcp:5224.
Repeat this step for tcp:443. - Click Create.
- Connect to the server via RDP;
- Press Start > enter Windows Firewall with Advanced Security.
- Click Outbound Rules > New Rule..., select Port, 5224, Allow the connection, and apply it to all profiles.
Comments
0 comments
Please sign in to leave a comment.