Plesk and ASL update fails: [Errno 14] HTTPS Error 401 - Unauthorized

Symptoms

• Plesk update fails with the following message in /tmp/autoinstaller3.log:

  PLESK_INFO: https://plesk_1234567_1:password@www4.atomicorp.com/channels/asl-4.0/centos/7/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 401 - Unauthorized Trying other mirror. repo

• Atomic Secure Linux extension is installed in Plesk.

• Advanced ModSecurity Rules by Atomicorp (Security Pack) license is installed at Plesk > Tols & Settings > License Management > Additional License Keys

• ASL config file at /etc/asl/config with authentication details to access Atomicorp repositories is regularly overwritten with wrong credentials.

Conditions

This is Plesk bug with ID #PPPM-8240 which is planed to be fixed in one of the future product updates.

Resolution

Login to the server via SSH and apply the following workaround:

1. Download the patched key-handler.zip file from the attachments to the server and unzip it:

   # wget https://plesk.zendesk.com/hc/article_attachments/360002982634/key-handler.zip
   # unzip key-handler.zip

2. Replace the original file with the new one at /usr/lib64/plesk-9.0/:

   # mv -i /usr/lib64/plesk-9.0/key-handler /usr/lib64/plesk-9.0/key-handler.orig
   # cp key-handler /usr/lib64/plesk-9.0/key-handler
   # chmod 750 /usr/lib64/plesk-9.0/key-handler

Note: revert the changes if it is planned to use Mod-security instead of ASL.