NGINX service failed to restart

[Mark Donne]

Hi Forum

Yesterday we helped a client enable NGINX with Reverse Proxy on their WHM/cPanel server v96.0.11. The installation process was as simple as clicking the "Install" button under NGINX® Manager and after a couple of minutes it was complete. We then tested a few of the websites and confirmed that we could see the Server header was being returned as nginx and not Apache which it was. Everything was working well.

However, this morning all of the clients websites were down and the problem was caused by NGINX not being able to load or find one of the SSL certificates for a single website, so the NGINX service could not start back up.

Here is one of the log entries (they all started at 02:00 this morning and kept repeating each time the NGINX service tried to start!)

[2021-06-23 08:40:43 +0100] info [restartsrv_nginx] systemd failed to start the service “nginx” (The “/usr/bin/systemctl restart nginx.service --no-ask-password” command (process 1032996) reported error number 1 when it ended.):
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xe" for details.
Waiting for “nginx” to start ………failed. Cpanel::Exception::Services::StartError Service Status undefined status from Cpanel::ServiceManager::Services::Nginx Service Error (XID 7pwqm3)
The “nginx” service failed to start.

Startup Log
Jun 23 08:40:42 cpanel.xxxxxxxxxxxxxxxxxx.co.uk systemd[1]: Starting nginx - high performance web server...
Jun 23 08:40:43 cpanel.xxxxxxxxxxxxxxxxxx.co.uk nginx[1032997]: nginx: [emerg] cannot load certificate "/var/cpanel/ssl/apache_tls/xxxxxxx.co.uk/combined":
BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/var/cpanel/ssl/apache_tls/xxxxxxx.co.uk/combined','r') error:2006D080:BIO routines:BIO_new_file:no such file)
Jun 23 08:40:43 cpanel.xxxxxxxxxxxxxxxxxx.co.uk systemd[1]: nginx.service: control process exited, code=exited status=1
Jun 23 08:40:43 cpanel.xxxxxxxxxxxxxxxxxx.co.uk systemd[1]: Failed to start nginx - high performance web server.
Jun 23 08:40:43 cpanel.xxxxxxxxxxxxxxxxxx.co.uk systemd[1]: Unit nginx.service entered failed state.
Jun 23 08:40:43 cpanel.xxxxxxxxxxxxxxxxxx.co.uk systemd[1]: nginx.service failed. Log Messages
Jun 23 08:40:43 cpanel nginx: nginx: [emerg] cannot load certificate "/var/cpanel/ssl/apache_tls/xxxxxxx.co.uk/combined": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/var/cpanel/ssl/apache_tls/xxxxxxx.co.uk/combined','r') error:2006D080:BIO routines:BIO_new_file:no such file) nginx has failed. Contact your system administrator if the service does not automagically recover.

The SSL certificate in question that could not load was a Self Signed certificate.

The fact that there was a problem with loading the Self Signed SSL certificate does not bother me so much but what does bother and concern me is that this 1 website prevented the other 102 websites from working.

Surely this must be an NGINX configuration issue somewhere in the default settings?

Has anybody else experienced this or know of a way to ensure NGINX ignores the 1 error and continues to load the other websites?

Thanks
Mark Donne

 

[cPRex]

Hey there! I did some searching on my end for past issues like this, and I haven't found much. I'm wondering if this is just expected behavior since the file in question that it was trying to load was missing, according to that error message.

If you'd like, you could always submit a ticket to our team so we can check it out directly on your machine.