Plesk 12.x / Linux :: No SSL-Connection To A Website Possible
May 14, 2015
I've had a problem to get a connection to my websites via https. My Plesk is version 12.0.18 an it runs on ubuntu 14.04 LTS. I have installed the certificate in that way: URL.... The SSL in that repository is activated in the hosting settings. I've activated and deactivated them a several times. The nginx.conf and the httpd.conf seems to be all fine.
SSL Engine is on an certificate statements links to the certificates in /opt/psa/var/certificates/The access_ssl_log an proxy_access_ssl_log had no entries, but /var/log/nginx/error.log said:
2015/05/14 13:29:08 [error] 981#0: *12788 no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: x.x.x.x, serv$ Click to expand...
OS CentOS 6.5 (Final) Plesk version 12.0.18 Update #6, last updated at July 2, 2014 11:13 AM
The system is up-to-date; last checked at June 27, 2014 04:43 AM
All current websites on the server seem to work fine any new subscriptions we cannot get working at all.
We can connect via FTP to new sites SOMETIMES - just cant get directory listing. When we can connect and get into a directory it slows down.
In Active mode: Command:MLSD Response:425 Unable to build data connection: Connection refused Error:Failed to retrieve directory listing​ Install Wordpress via the Parallels panel it loads and says it is all there, just can't log or display any pages. The default Parallels page is displayed.
Upload a html page via the File Manager in Parallels and it displays the default Parallels page.
Unpack the Wordpress tar file via File Manager and it displays the default Parallels page.
The Wordpress feature in Parallels says it is working fine, can't display any page, can't log in as it returns a 404 page or the default Parallels page.
Create a site in Presence builder and Parallels says there is a site. The default Parallels page is displayed when opening the site.
Go to DOMAINS and there is 0mb in space used and there are files listed in the File Manager - none of which can be displayed.
First, the datacenter lost power so the server shut off. I assume there is some DB corruption and why the SQL Service won't start.
Code: failed Trying to start service mariadb... Job for mariadb.service failed. See 'systemctl status mariadb.service' and 'journalctl -xn' for details.
WARNING! Some problems are found during start(see log file: /var/log/plesk/psa_service.log)
Continue...
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111) Unable to connect to Plesk Database: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (111)
I ran the systemctl status mariadb.service command and this is below.
I'm using plesk with CentOS 6.6 and the postfix/courier mail services...I tried to connect an existing mail account with a mail program like thunderbird. But I'm not able to connect to it, except when I'm using "no connection security"...So I tried, if manually contacting the POP3s Port is working:
Code: openssl s_client -ssl3 -host mail.domain.de -port 995 with the following result:
Code: CONNECTED(00000003) write:errno=104 --- no peer certificate available --- No client certificate CA names sent
[code]....
the same results come for trying to connect to port 465 (ssmtp) and 993 (imaps)port 443 (https) seems to work fine..i already checked if the corresponding certificates exist (e.g. /usr/share/imapd.pem) and filled with the standard certificate informtaion given by plesk checking openssl on the server gives the following result:
Code: # openssl version OpenSSL 1.0.1e-fips 11 Feb 2013
I have a client with a dedicated server running. Spec below.
The problem I am having is with incoming email. When I set up a new email account it can take about 10 attempts to log on to the incoming mail server. Once it has connected it will be ok for a short while then I will get a connection error and no emails will come through.
This is happening across all platforms, PC / MAC / iPhone and iPad.
I am a web designer with limited knowledge of the setting up of the server and was looking to set up email server within plesk.
General CPUGenuineIntel, Intel(R)Core(TM) i5-2400 CPU @ 3.10GHz VersionParallels Plesk Panel v11.0.9_build110120608.16 os_Ubuntu 12.04 OSUbuntu 12.04.4 LTS Key numberPLSK.02873817.0002 System Uptime: 60 day(s) 10:03
Hostname IP address OSUbuntu 12.04.4 LTS Panel version11.0.9 Update #62
I have a new Plesk 12 installation. I have configured a domain (example.com) with hosting that also requires wildcard subdomains.
To achieve this I had to create a vhost.conf file with...
ServerAlias *.example.com
This works and I can go to http://anything.example.com with no issue.
I purchased a wildcard SSL certificate for *.example.com and successfully installed it.
If I go to https://example.com it works perfectly and shows the correct certificate, however if I go to https://anything.example.com it tells me the connection is untrusted, when I view the certificate, it shows the Parallels Plesk self certified certificate and not my purchased certificate.
I created a vhost_ssl.conf with
ServerAlias *.example.com ServerAlias *.example.com:443 #tried with and without this line
If I add an exception in the browser, then I am taken to the correct place, albeit with the incorrect certificate.
Of course I have executed httpdmng --reconfigure-domain example.com and also tried a full reboot.
In summary:
http://example.com - works
http://anything.example.com - works
https://example.com works with my certificate
https://anything.example.com has Parallels certificate but routes to correct page
I'm trying to create a network connection from Windows (8.1) to my Plesk filesharing folder, which should be straight forward. For some strange reason my Windows desktop PC doesn't establish the connection but shows me an error message, saying that the provided folder is invalid (see attached images).
For some reason FTPS is no longer working as it used to before plesk upgraded. At this point, I am not sure which Plesk upgrade caused this since I do not FTPS or ftp in general often. its enabled as it was before, even disabled and re-enabled it again. Still gives a "could not establish connection". Restarted the service via command Line with "service xinetd restart". still isnt working...
My hosting provider recently (and without any warning) decided to block outgoing connections to port 25. What this means is for any client/domain/email address that has a forwarder setup, the mail will never reach its destination because the connection to the other server always times out. The error logs look like this:
postfix/smtp[8414]: connect to ASPMX2.GOOGLEMAIL.COM[74.125.131.26]:25: Connection timed out postfix/smtp[8421]: connect to aspmx2.googlemail.com[74.125.131.26]:25: Connection timed out postfix/smtp[8425]: connect to aspmx3.googlemail.com[64.233.186.26]:25: Connection timed out postfix/smtp[8423]: connect to aspmx4.googlemail.com[64.233.166.26]:25: Connection timed out
I haven't been able to find a way to force relay to 465. Or maybe I shouldn't have relay on at all and do this another way?
I have used the patch : [URL] .... to disable ssl v3.
After I applied the patch getting error below when i try to send email via horde webmail:
There was an error sending your message: Could not open secure TLS connection to the server.
Roundcube can send mails well but horde not. Otherwise since applied the parch i can't get mails from gmail and maybe other providers i don't know yet.
I've written a script to send property data to rightmove.co.uk as part of their new automated data feed. However they require a secure connection to their systems when posting the data. They have provided me with a .pem file which is a security certificate. I need to install this on my plesk server but where to start as most certificates require a private key and the actual certificate. The private key I have been provided is only an 8 charter string, like a password.
[Mon Mar 23 20:53:14 2015] [warn] [client xxx.xxx.xxx.xxx] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server [Mon Mar 23 20:53:14 2015] [error] [client xxx.xxx.xxx.xxx] Premature end of script headers: index.php
My server have 2 ip and I want my special hosting can listen on 2 ip. I edited some file from /var/www/vhosts/system/<domain>/conf. Change * to ip on <Virtualhost> But it don't effect.
I am not a web host. I do have my own server that I host my company sites on and some of my friends use it as well.
I had someone ask me if I could host about ten pages on my server for him. He said the following," Hello. What is your base hosting price... say for a dozen page static site? (making some Page Rank sites on different hosts to mask the connections to my main website)"
This question gave me an uneasy feeling, but then again I am not familiar with this tactic. I have two questions since the above was asked.
1. Is this illegal by search engine rules. 2. Can my websites be affected if it is.
For about the last two weeks I've had issues connecting with the website that I help run www.learnoutloud.com from my home connection which is Time Warner Cable Internet connection in Los Angeles. I'm on a Dell laptop Inspiron 6000 running Windows XP. I'm always able to connect to the site but what's happening is the page will get hung up on loading a single image usually and then it will take about a minute just to load that last image. And sometimes the page won't load at all, but all it takes usually is hitting the refresh button and the page loads instantly. I was hoping this issue would just go away, but it's been persistent after numerous restarts of our cable modem and switching from wireless to plugged in and so forth. And it's really only happening for our site and no others, which is just puzzling.
At our office on our DSL connection our site loads fine and we haven't had any customer complaints about the site loading slow like this. Our traffic numbers have stayed steady so I don't think it's a global problem connecting with our site. At home I conduct a trace route and it looks good:
Tracing route to learnoutloud.com [72.34.53.155] over a maximum of 30 hops:
1 5 ms 5 ms 1 ms 192.168.1.1 2 15 ms 13 ms 12 ms cpe-76-170-64-1.socal.res.rr.com [76.170.64.1] 3 12 ms 11 ms 9 ms 76.166.6.77 4 11 ms 12 ms 12 ms tge9-3.bwlaca1-rtr2.socal.rr.com [76.166.1.6] 5 11 ms 12 ms 16 ms tge9-2.bwlaca1-rtr1.socal.rr.com [76.166.1.4] 6 14 ms 15 ms 47 ms tge2-2-0.lsanca1-rtr1.socal.rr.com [66.75.161.20 1] 7 15 ms 18 ms 25 ms xe-8-1-0.edge3.LosAngeles1.Level3.net [4.78.195. 189] 8 15 ms 15 ms 15 ms ae-12-69.car2.LosAngeles1.Level3.net [4.68.20.4]
9 16 ms 15 ms 25 ms INTERNAP-NE.car2.Level3.net [4.71.36.78] 10 15 ms 15 ms 27 ms border1.po2-bbnet2.ext1.lax.pnap.net [216.52.255 .86] 11 16 ms 38 ms 25 ms insiderh-2.border1.ext1.lax.pnap.net [63.251.209 .106] 12 19 ms 29 ms 18 ms 72.34.41.10 13 32 ms 18 ms 18 ms 72.34.53.155
Trace complete.
Does anyone know what the heck is going on and how I can fix this?
I just started using plesk for my blogs and websites, so testing and finding my way around i notice every site i add instead of having its own folder just like in cpanel(shared hosting) the sites are been added under the primary domain.
I have the latest centos 7 and plesk 12 installed on a dedicated server and i wish to add a new IP to use on a specific website. However, when I am trying to add the IP in plesk i am getting the following error:
Code: Error: ifmng failed: sh: /sbin/ifconfig: No such file or directory /sbin/ifconfig 'eth0:1' '85.214.93.196' netmask '255.255.255.255' up exited with non-zero status 127
I have read somewhere on the forum that installing iptables can fix this but cents 7 is using the new firewald and i am wondering if in the future such a change will not affect the well being of the overall server.
Is there any solution to this problem or will there be a fix from Plesk in the near future ?
