Plesk & SocialBee have teamed up. Save 30% now!

Get the Deal

Knowledge Base

All websites hosted in Plesk are not accessible over HTTPS: 502 Bad Gateway or ERR_CONNECTION_REFUSED

 
apachecentoscloudlinuxcpaneldebian

Symptoms

Websites hosted in Plesk are loading over HTTP, but do not work over HTTPS:

502 Bad Gateway nginx

ERR_CONNECTION_REFUSED

Cause

The ssl_module is not included into Apache configuration, as a result Apache is not listening on port 7081 (when nginx is enabled in Tools & Settings > Services Management) or 443 port (when nginx is disabled in Tools & Settings > Services Management):

    • on CentOS/RHEL-based distributions

      # netstat -tunap | grep httpd
      tcp    0    0 0.0.0.0:7080    0.0.0.0:*    LISTEN    2647/httpd

    • on Debian/Ubuntu-based distributions

      # netstat -tunap | grep apache
      tcp6    0    0    :::7080    :::*    LISTEN    763/apache2

Resolution

Enable Apache ssl_module:

 

For CentOS/RHEL-based distributions

 

  1. Connect to the Plesk server via SSH.

  2. Make sure that the conf.d directory is included in Apache configuration:

    # grep IncludeOptional /etc/httpd/conf/httpd.conf
    IncludeOptional conf.d/*.conf

    If no output is returned or the line has a hash sign "#" at the beginning, open the file /etc/httpd/conf/httpd.conf in any text editor (for example, vi editor) and add/uncomment the mentioned line.

  3. Restore the default ssl.conf file:

    3.1. Download the file for your OS and unzip it:

    • CentOS/RHEL/CloudLinux 8

      # wget https://cpanel.zendesk.com/hc/article_attachments/12377382019607 -O ssl_conf_8.zip

      # unzip ssl_conf_8.zip

    • CentOS/RHEL/CloudLinux 7

      # wget https://cpanel.zendesk.com/hc/article_attachments/12377433751447 -O ssl_conf_7.zip

      # unzip ssl_conf_7.zip

    3.2. Rename the original file, if exists:

    # mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.old

    3.3. Put the file in the conf.d directory:

    # mv ssl.conf /etc/httpd/conf.d/

  4. Restore SELinux context of the file:

    # restorecon /etc/httpd/conf.d/ssl.conf

  5. Restart Apache:

    # service httpd restart

  6. Verify that Apache is now listening on port 7081:

    # netstat -tunap | grep httpd
    tcp 0 0 0.0.0.0:7080 0.0.0.0:* LISTEN 17817/httpd
    tcp 0 0 0.0.0.0:7081 0.0.0.0:* LISTEN 17817/httpd

 

For Debian/Ubuntu-based distributions

 

  1. Connect to a Plesk server via SSH.

  2. Create two symbolic links:

    # ln -s /etc/apache2/mods-available/ssl.conf /etc/apache2/mods-enabled/ssl.conf
    # ln -s /etc/apache2/mods-available/ssl.load /etc/apache2/mods-enabled/ssl.load

  3. Restart Apache:

    # service apache2 restart

  4. Verify that Apache is now listening on port 7081:

    # netstat -tunap | grep apache
    tcp6 0 0 :::7080:::* LISTEN 2462/apache2
    tcp6 0 0 :::7081:::* LISTEN 2462/apache2

 

 

 

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2024 WebPros International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of WebPros International GmbH.

Managed with love with Plesk WP Toolkit