Note: This article has the reference to the issue with the fix available:
- #PPPM-7473 "Fixed the issue where updating the default SSL/TLS certificate via the XML API resulted in the web server configuration getting corrupted."
- Plesk Onyx 17.5.3 Update 41 19 February 2018 (Linux)
Plesk is secured with Let's Encrypt Certificate;
This certificate is used as default;
When the certificate renewed, web configuration gets broken:
PLESK_ERROR: Unable to generate the web server configuration file on the host because of the following errors:
Template_Exception: nginx: [emerg] BIO_new_file("/usr/local/psa/var/certificates/cert-zeSr3a") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/psa/var/certificates/cert-zeSr3a','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed
PLESK_ERROR: Template_Exception: Syntax error on line 51 of /etc/httpd/conf/plesk.conf.d/ip_default/example.conf:
SSLCACertificateFile: file '/usr/local/psa/var/certificates/cert-zeSr3a' does not exist or is empty
Bug with ID #PPPM-7473.
To workaround the issue:
Do not use Let's Encrypt certificate as a default server certificate;
Run the following command after each time the certificate is renewed:
# plesk sbin httpdmng --reconfigure-all
Note: command should be launched in SSH as root.