can`t start cPanel ssl service

[serj]

Code:

# service cpanel start
Starting eximstats:                                        [  OK  ]
Starting cPanel services:                                  [  OK  ]
Starting cPanel Log services:                              [  OK  ]
Starting pop3 services:                                    [  OK  ]
Starting cPanel Chat services:                             [  OK  ]
Starting Melange Chat services:                            [  OK  ]
Starting cPanel ssl services:                              [FAILED]
Starting mailman services: Starting Mailman's master qrunner.

/etc/init.d/cpanel --> /usr/local/cpanel/startstunnel --> /usr/local/cpanel/etc/init/startstunnel --> /usr/local/cpanel/cpsrvd-ssl --bincheck

Code:

# /usr/local/cpanel/cpsrvd-ssl --bincheck
/usr/local/cpanel/cpsrvd-ssl: error while loading shared libraries:
/usr/local/cpanel/perl/Net/SSLeay/SSLeay.so: cannot open shared object
file: No such file or directory

how to fix it?

tried

Code:

# /scripts/perlinstaller Net::SSLeay
Method: Perl Expect
Testing connection speed...(this could take a while)....Done
Three usable mirrors located
Mirror Check passed for cpan.m.flirble.org (/index.html)
commit: wrote /usr/lib/perl5/5.8.7/CPAN/Config.pm
CPAN: Storable loaded ok
Going to read /home/.cpan/Metadata
  Database was generated on Sun, 18 Sep 2005 23:10:12 GMT
Net::SSLeay is up to date.
perlmod--Install done

system: WHM 10.6.0 cPanel 10.8.0-C19 Fedora Core 1 i686

[Blue|Fusion]

This just happened on a friends VPS and here's what I did:

rpm -e `rpm -q stunnel`
/scripts/upcp --force

[Izzee]

Just had the same issue.

The command `ps ax | grep stunnel` will show whether stunnel is running or not. When it is running, the output will look like this:

root@server [/]# ps ax | grep stunnel
5139 ? S 0:00 /usr/bin/stunnel-4.04local /usr/local/cpanel/etc/stunnel/default/stunnel.conf.run
21120 ? S 0:00 grep stunnel
root@server [/]#

A cpanel restart using the command

/etc/rc.d/init.d/cpanel restart

will restart the stunnel and activate the cpanel's secure ports.

HTH

[taotoon]

very buggy...I faced the same problem for 1 month... I found FAQ at EuroVPS ..( thankz )


http://support.eurovps.com/index.php...mmentsuccess=1



cPanel Secure Port's Not Working

Solution

If you have just noticed you can't access the secure cPanel Port's or POP3 E-Mail then you may have the following problem. Grab a reliable SSH Client (PuTTY) and use the following tutorial:

1. Log into your server using SSH as 'root'

2. Move directory 'cd /etc'

3. Run the following commands '/etc/init.d/xinetd stop' & '/etc/init.d/cpanel restart'

4. Try your Secure cPanel Port's / POP3 now, they should be working, you will need to do this after every restart of your VPS / Dedicated Server.

Unfortunately this is a cPanel / WHM bug and is in no way related to the services provided by EuroVPS.

KnowledgeBase Article: Chris Imrie / EuroVPS Technician

[chirpy]

That isn't a cPanel bug at all. It's a misconfiguration of the OS from before cPanel is installed. You need to make sure that no other services are binding to the ports that cPanel uses in xinetd. Typically, it's an imaps service in /etc/xinetd.d/.

[taotoon]

Thanks a dozen! Now working... I would like to share my config files for the next coming newbies.


Because of stunnel conflict with xinetd. I saw the error in /var/log/messages.

Dec 4 12:00:12 server stunnel[12928]: Error binding pop3s to 0.0.0.0:995

We should disable all SSL services that use in xinetd.
To avoid "Authentication failed for UNKNOWN USER" error,
we should disable all imap and pop services too except the cpimap.
( Well, all services in /etc/xinetd.d are disabled except the only one cpimap )

Code:

root@server [/etc/xinetd.d]# more cpimap imaps ipop2 ipop3 pop3s popa3d popa3ds

::::::::::::::
cpimap
::::::::::::::
# default: off
# description: imapd
service imap
{
        disable                 = no
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/local/cpanel/3rdparty/bin/imapd
}

::::::::::::::
imaps
::::::::::::::
# default: off
# description: The IMAPS service allows remote users to access their mail \
#              using an IMAP client with SSL support such as Netscape \
#              Communicator or fetchmail.
service imaps
{
        disable                 = yes
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/imapd
        log_on_success  += HOST DURATION
        log_on_failure  += HOST
}

::::::::::::::
ipop2
::::::::::::::
# default: off
# description: The POP2 service allows remote users to access their mail \
#              using an POP2 client such as fetchmail.  In most cases, clients \
#              support POP3 instead of POP2, so enabling this service is rarely \
#              necessary.
service pop2
{
        disable                 = yes
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/ipop2d
        log_on_success  += HOST DURATION 
        log_on_failure  += HOST
}

::::::::::::::
ipop3
::::::::::::::
# default: off
# description: The POP3 service allows remote users to access their mail \
#              using an POP3 client such as Netscape Communicator, mutt, \
#              or fetchmail.
service pop3
{
        disable                 = yes
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/ipop3d
        log_on_success  += HOST DURATION
        log_on_failure  += HOST
}

::::::::::::::
pop3s
::::::::::::::
# default: off
# description: The POP3S service allows remote users to access their mail \
#              using an POP3 client with SSL support such as fetchmail.
service pop3s
{
        disable                 = yes
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/ipop3d
        log_on_success  += HOST DURATION
        log_on_failure  += HOST
}

::::::::::::::
popa3d
::::::::::::::
# default: off
# description: The POP3 service allows remote users to access their mail \
#              using an POP3 client such as Netscape Communicator, mutt, \
#              or fetchmail.
service pop3
{
        disable                 = yes
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/popa3d
}

::::::::::::::
popa3ds
::::::::::::::
# default: off
# description: The POP3S service allows remote users to access their mail \
#              using an POP3 client with SSL support such as fetchmail.
service pop3s
{
        disable                 = yes
        socket_type             = stream
        wait                    = no
        user                    = root
        server                  = /usr/sbin/stunnel
        server_args             = /etc/stunnel/stunnel.conf-pop3
}

[taotoon]

Then we have to do:

1. stop cpanel
2. restart xinetd
3. start cpanel

Code:

root@server [/etc/init.d]# ./cpanel stop

Stopping cPanel services:  [  OK  ]
Stopping pop3 services:  [  OK  ]
Stopping cPanel log services: [  OK  ]
Stopping cPanel Chat services: [FAILED]
Stopping Melange Chat services: [FAILED]
Stopping InterChange services: [FAILED]
Stopping cPanel ssl services:  [  OK  ]

Stopping mailman services: Shutting down Mailman's master qrunner
PID unreadable in: /usr/local/cpanel/3rdparty/mailman/data/master-qrunner.pid
[Errno 2] No such file or directory: '/usr/local/cpanel/3rdparty/mailman/data/master-qrunner.pid'
Is qrunner even running?

root@server [/etc/init.d]# ./xinetd restart

Stopping xinetd: [  OK  ]
Starting xinetd: [  OK  ]

root@server [/etc/init.d]# ./cpanel start

Starting eximstats: [  OK  ]
Starting cPanel services: [  OK  ]
Starting cPanel Log services: [  OK  ]
Starting pop3 services: [  OK  ]
Starting cPanel Chat services: 
Starting Melange Chat services: 
Starting cPanel ssl services: [  OK  ]

[taotoon]

Check out /var/log/messages

Good! No error detect.

Code:

root@server [/var/log]# tail -100 messages

Dec  4 23:36:10 server stopcpsrvd: Waiting for cpsrvd to shutdown....
Dec  4 23:36:11 server stopcpsrvd: ..Done
Dec  4 23:36:11 server stopcpsrvd: Waiting for cpsrvd-ssl to shutdown....
Dec  4 23:36:11 server stopcpsrvd: ..Done
Dec  4 23:36:11 server cpanel: Stopping cPanel services:  succeeded
Dec  4 23:36:11 server stopcppop: Waiting for cppop to shutdown....
Dec  4 23:36:11 server stopcppop: ..Done
Dec  4 23:36:12 server stopcppop: Waiting for cppop-ssl to shutdown....
Dec  4 23:36:12 server stopcppop: ..Done
Dec  4 23:36:12 server cpanel: Stopping pop3 services:  succeeded
Dec  4 23:36:12 server cpanel: cpanellogd shutdown succeeded
Dec  4 23:36:12 server cpanel: entropychat shutdown failed
Dec  4 23:36:12 server cpanel: melange shutdown failed
Dec  4 23:36:12 server cpanel: interchange shutdown failed
Dec  4 23:36:12 server cpanel: Stopping cPanel ssl services:  succeeded

Dec  4 23:36:24 server xinetd[17065]: Exiting...
Dec  4 23:36:24 server xinetd: xinetd shutdown succeeded
Dec  4 23:36:25 server xinetd: xinetd startup succeeded
Dec  4 23:36:25 server xinetd[2591]: xinetd Version 2.3.12 started with libwrap loadavg options compiled in.
Dec  4 23:36:25 server xinetd[2591]: Started working: 2 available services

Dec  4 23:36:32 server cpanel: starteximstats startup succeeded
Dec  4 23:36:33 server startcpsrvd: Waiting for cpsrvd to shutdown....
Dec  4 23:36:33 server cpanel: startcpsrvd startup succeeded
Dec  4 23:36:33 server cpanellogd: ==> cPanel Log Daemon version 22.0
Dec  4 23:36:33 server cpanellogd: ==> Shared RRDTOOL support enabled
Dec  4 23:36:33 server cpanel: cpanellogd startup succeeded
Dec  4 23:36:33 server startcppop: Waiting for cppop to shutdown....
Dec  4 23:36:33 server startcppop: ..Done
Dec  4 23:36:34 server startcppop: Waiting for cppop-ssl to shutdown....
Dec  4 23:36:34 server startcppop: ..Done
Dec  4 23:36:34 server cpanel: startcppop startup succeeded
Dec  4 23:36:35 server stunnel[10112]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
Dec  4 23:36:35 server stunnel[10112]: FD_SETSIZE=16384, file ulimit=1024 -> 500 clients allowed
Dec  4 23:36:35 server cpanel: startstunnel startup succeeded

[jwhysleep]

Then we have to do:

1. stop cpanel
2. restart xinetd
3. start cpanel

Code:

root@server [/etc/init.d]# ./cpanel stop

Stopping cPanel services:  [  OK  ]
Stopping pop3 services:  [  OK  ]
Stopping cPanel log services: [  OK  ]
Stopping cPanel Chat services: [FAILED]
Stopping Melange Chat services: [FAILED]
Stopping InterChange services: [FAILED]
Stopping cPanel ssl services:  [  OK  ]

Stopping mailman services: Shutting down Mailman's master qrunner
PID unreadable in: /usr/local/cpanel/3rdparty/mailman/data/master-qrunner.pid
[Errno 2] No such file or directory: '/usr/local/cpanel/3rdparty/mailman/data/master-qrunner.pid'
Is qrunner even running?

root@server [/etc/init.d]# ./xinetd restart

Stopping xinetd: [  OK  ]
Starting xinetd: [  OK  ]

root@server [/etc/init.d]# ./cpanel start

Starting eximstats: [  OK  ]
Starting cPanel services: [  OK  ]
Starting cPanel Log services: [  OK  ]
Starting pop3 services: [  OK  ]
Starting cPanel Chat services: 
Starting Melange Chat services: 
Starting cPanel ssl services: [  OK  ]

Ok did this
/var/log/messages
========================================================
Dec 5 06:18:10 server1 stopcpsrvd: Waiting for cpsrvd to shutdown...
Dec 5 06:18:10 server1 stopcpsrvd: ...Done
Dec 5 06:18:10 server1 stopcpsrvd: Waiting for cpsrvd-ssl to shutdown...
Dec 5 06:18:10 server1 stopcpsrvd: ...Done
Dec 5 06:18:10 server1 cpanel: Stopping cPanel services: succeeded
Dec 5 06:18:10 server1 stopcppop: Waiting for cppop to shutdown...
Dec 5 06:18:10 server1 stopcppop: ...Done
Dec 5 06:18:10 server1 stopcppop: Waiting for cppop-ssl to shutdown...
Dec 5 06:18:10 server1 stopcppop: ...Done
Dec 5 06:18:10 server1 cpanel: Stopping pop3 services: succeeded
Dec 5 06:18:10 server1 cpanel: cpanellogd shutdown succeeded
Dec 5 06:18:11 server1 cpanel: entropychat shutdown succeeded
Dec 5 06:18:11 server1 cpanel: melange shutdown failed
Dec 5 06:18:11 server1 cpanel: interchange shutdown failed
Dec 5 06:18:11 server1 cpanel: Stopping cPanel ssl services: succeeded
Dec 5 06:18:25 server1 xinetd[6716]: Exiting...
Dec 5 06:18:25 server1 xinetd: xinetd shutdown succeeded
Dec 5 06:18:25 server1 xinetd: xinetd startup succeeded
Dec 5 06:18:25 server1 xinetd[9335]: Unknown user: ident [file=/etc/xinetd.d/auth] [line=14]
Dec 5 06:18:25 server1 xinetd[9335]: Error parsing attribute user - DISABLING SERVICE [file=/etc/xinetd.d/auth] [line=14]
Dec 5 06:18:25 server1 xinetd[9335]: pmap_set failed. service=sgi_fam program=391002 version=2
Dec 5 06:18:26 server1 xinetd[9335]: xinetd Version 2.3.12 started with libwrap loadavg options compiled in.
Dec 5 06:18:26 server1 xinetd[9335]: Started working: 1 available service
Dec 5 06:18:34 server1 cpanel: starteximstats startup succeeded
Dec 5 06:18:34 server1 startcpsrvd: Waiting for cpsrvd to shutdown...
Dec 5 06:18:34 server1 cpanel: startcpsrvd startup succeeded
Dec 5 06:18:34 server1 cpanellogd: ==> cPanel Log Daemon version 22.0
Dec 5 06:18:34 server1 cpanellogd: ==> Shared RRDTOOL support enabled
Dec 5 06:18:34 server1 cpanel: cpanellogd startup succeeded
Dec 5 06:18:35 server1 startcppop: Waiting for cppop to shutdown...
Dec 5 06:18:35 server1 startcppop: ...Done
Dec 5 06:18:35 server1 startcppop: Waiting for cppop-ssl to shutdown...
Dec 5 06:18:35 server1 startcppop: ...Done
Dec 5 06:18:35 server1 cpanel: startcppop startup succeeded
Dec 5 06:18:35 server1 entropychat: Listening on port 2084...
Dec 5 06:18:35 server1 cpanel: entropychat startup succeeded
Dec 5 06:18:35 server1 stunnel[9402]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
Dec 5 06:18:35 server1 stunnel[9402]: SSL_CTX_use_RSAPrivateKey_file: B080074: error:0B080074:x509 certificate routines:X509_check$
Dec 5 06:18:35 server1 cpanel: startstunnel startup failed

===================================================

root@server1 [/etc/init.d]# ./xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
root@server1 [/etc/init.d]# ./cpanel start
Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting cPanel Log services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services: [ OK ]
Starting Melange Chat services:
Starting cPanel ssl services: [FAILED]
Starting mailman services: Starting Mailman's master qrunner.
======================================================
/usr/local/cpanel/etc/stunnel/default/stunnel.conf

# Sample stunnel configuration file
# Copyright by Michal Trojnara 2002

# Comment it out on Win32
cert = /usr/local/cpanel/etc/cpanel.pem
chroot = /usr/local/cpanel/var/run/stunnel/
# PID is created inside chroot jail
pid = /stunnel.pid
setuid = cpanel
setgid = cpanel

# Authentication stuff
#verify = 2
# don't forget about c_rehash CApath
# it is located inside chroot jail:
#CApath = /certs
# or simply use CAfile instead:
#CAfile = /usr/local/etc/stunnel/certs.pem

# Some debugging stuff
#debug = 7
#output = stunnel.log

# Use it for client mode
#client = yes

# Service-level configuration

[pop3s]
accept = 995
connect = 110

[imaps]
accept = 993

[imaps]
accept = 993
connect = 143

#[ssmtp]
#accept = 465
#exec = /usr/sbin/sendmail
#execargs = -bs

[cpanelhttps]
accept = 2083
connect = 2082
TIMEOUTclose = 0

[whmhttps]
accept = 2087
connect = 2086
TIMEOUTclose = 0

[webmailhttps]
accept = 2096
connect = 2095
TIMEOUTclose = 0
-------------------------------------------------------------------------------------------
I checked /usr/local/cpanel/var/run/stunnel/
and its empty
---------------------------------------------------------------
restarted portsentry and got the following errors

Dec 5 07:09:48 server1 cpanel: startstunnel startup failed
Dec 5 07:09:57 server1 portsentry[12350]: adminalert: Psionic PortSentry 1.1 is starting.
Dec 5 07:09:57 server1 portsentry[12351]: adminalert: Going into listen mode on TCP port: 1
Dec 5 07:09:57 server1 portsentry[12351]: adminalert: Going into listen mode on TCP port: 111
Dec 5 07:09:57 server1 portsentry[12351]: adminalert: PortSentry is now active and listening.
Dec 5 07:09:57 server1 portsentry: Starting portsentry -tcp: succeeded
Dec 5 07:09:57 server1 portsentry[12354]: adminalert: Psionic PortSentry 1.1 is starting.
Dec 5 07:09:57 server1 portsentry[12355]: adminalert: ERROR: No UDP ports supplied in config file. Aborting
Dec 5 07:09:57 server1 portsentry[12355]: adminalert: ERROR: could not go into PortSentry mode. Shutting down.
Dec 5 07:09:57 server1 portsentry[12355]: securityalert: Psionic PortSentry is shutting down
Dec 5 07:09:57 server1 portsentry[12355]: adminalert: Psionic PortSentry is shutting down
Dec 5 07:09:57 server1 portsentry: Starting portsentry -udp: succeeded
--------------------------------------------------------------------------------
Should I just comment out the stunnel conf

cert = /usr/local/cpanel/etc/cpanel.pem
chroot = /usr/local/cpanel/var/run/stunnel/
----------------------------------------------------------------------------
root@server1 [~]# /etc/rc.d/init.d/cpanel restart
Stopping cPanel services: [ OK ]
Stopping pop3 services: [ OK ]
Stopping cPanel log services: [ OK ]
Stopping cPanel Chat services: [ OK ]
Stopping Melange Chat services: [FAILED]
Stopping InterChange services: [FAILED]
Stopping cPanel ssl services: [ OK ]

Stopping mailman services: Shutting down Mailman's master qrunner

Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting cPanel Log services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services: [ OK ]
Starting Melange Chat services:
Starting cPanel ssl services: [FAILED]
Starting mailman services: Starting Mailman's master qrunner.
------------------------------------------------------------------------------
bump
Ok How do I fix this
???

[jwhysleep]

anybody know of a tutorial or a how to fix

[jwhysleep]

Stunnel failed to start ssl failed to start intechange and malange failed to start
APF is disabled and the ports where all checked
portsentry failed to restart

opened this file up
nano cert = /usr/local/cpanel/etc/cpanel.pem
and first deleted the key values in there still no fix
then i pasted the values in this file to reflect the new keys
Im at a stopping point
port 2087 doesnt open and a few other issues

ps ax | grep stunnel
result
5866 pts/0 S 0:00 grep stunnel


below is the error in the log file

[jwhysleep]

This is the error in the logs
need a little help

Dec 6 09:00:12 server1 stunnel[5085]: stunnel 4.04 on i686-pc-linux-gnu PTHREAD+LIBWRAP with OpenSSL 0.9.7a Feb 19 2003
Dec 6 09:00:12 server1 stunnel[5085]: SSL_CTX_use_RSAPrivateKey_file: B080074: error:0B080074:x509 certificate routines:X509_chec.k$_check_private_key:key values mismatch

[jwhysleep]

Are these support forums or the only way to get a fix is to pull a support ticket

[jwhysleep]

Reset the Server Cirtificate fixed the problem

[chirpy]

Are these support forums or the only way to get a fix is to pull a support ticket

No, they're not support forums. The forums are for like-minded server admins to help each other out when or whether they wish. For support you need to log a ticket with your cPanel license provider, and if that's cPanel then directly with them.