Starting cPanel ssl services: [Failed]

[acenetryan]

This was a fun little error. I will share in case anyone else comes across this.

Upon restarting cPanel, I would see the following error:

Starting cPanel ssl services: [FAILED]

and in /var/log/messages:

Error binding pop3s to 0.0.0.0:995
bind: Address already in use (98)

I checked the usual fix, /etc/xinetd.d/, made sure there were no port conflicts. Tried again, same error.

After

ps aux | grep stunnel

I notice my processes are still many days old (i.e. they are not getting killed).

After digging, I find the script responsible for stopping stunnel:

/usr/local/cpanel/etc/init/stopstunnel

pico stopstunnel

shows:

#!/usr/bin/perl

killstunnel();
sub killstunnel {
system("/scripts/ckillall -9 stunnel");
system("/scripts/ckillall -9 stunnel-3.22local");
system("/scripts/ckillall -9 stunnel-4.00local");
system("/scripts/ckillall -9 stunnel-4.02local");
system("/scripts/ckillall -9 stunnel-4.04local");
system("/scripts/ckillall -9 stunnel-4.05local");
}

but I'm running stunnel version 4.15!

added:

system("/scripts/ckillall -9 stunnel-4.15local");

Make sure to chattr your stopstunnel or cPanel will overwrite this each time you upcp.

chattr +i /usr/local/cpanel/etc/init/stopstunnel

Good to go.

Happy hunting.

 

[neon-light]

Recently spotted I had the same problem, tried the other suggestions but this fixed it.
Many Thanks!

 

[dragon2611]

Had hte same problem here, fixed it for me to.

Considering Im running the release version of cpanel you'd think they would have spotted and fixed that bug before releasing it, i thought release was supposed to be the tested version

 

[Zpeed]

Hehe, nice. This solved my SSL problem. I put in a renewed SSL certificate, but whatever I tried it didn't seem to actually refresh. It now turns out I had the same stunnel problem and this fixed it!

See this thread

Thanks!

 

[mosthost]

Thank you, worked for me too.

 

[isputra]

This method worked for me too.

Look at this thread

 

[shacker23]

In order for this tweak to work you'll first have to run:

/usr/local/cpanel/etc/init/stopstunnel
/usr/local/cpanel/etc/init/startstunnel

THEN you can try installing your certificate again.

 

[acenetryan]

Courier and port conflicts

Additionally, I've noticed on fresh installs of cPanel that courier is running by default. Apparently it creates a port conflict with cPanel SSL Services. I have to manually kill all the courier related processes before the cPanel secure ports will work.

I've searched the forums extensively and have been unable to find if I need to disable courier somewhere to stop these processes from starting again. I haven't seen the processes come back, so I'm guessing not. Can anyone shed some light?

 

[acenetryan]

Found it:

service courier-imap stop

I don't believe this will break any of my exim-related mail, but this is my first run in with courier. All sources on the web seem to indicate the two are very much unrelated. If anyone has any input, it's appreciated.

EDIT:

Looks like courier-imap and courier-authlib run cppop. I'm not at all familiar with this change, but it seems I shouldn't be killing these. Heh.

 

[alex2k]

I got same problem about stunnel, I follow instruction on first post, I can run stunnel again.
But when access whm using https on port 2087, I got blank page only

Right now I cant access cpanel and whm using https.
Anyone know how to fix it?

 

[avijit]

run the /usr/local/cpanel/etc/init/startstunnel and then try to see if that allowes the access. Often It can be the firewall. So try iptables -F , iptables -X and see.

 

[alex2k]

Thank's for reply avijit
I try your instructions, whm using ssl work but I still got blank page

 

[Pinoywh]

HI,

Having this problem also, and all solutions found on this site is not working... kinldy help:

root@server [/etc/xinetd.d]# service cpanel restart
Stopping cPanel services:                                  [  OK  ]
Stopping pop3 services:                                    [  OK  ]
Stopping cPanel log services:                              [  OK  ]
Stopping cPanel Chat services:                             [  OK  ]
Stopping Melange Chat services:                            [  OK  ]
Stopping InterChange services:                             [FAILED]
Stopping cPanel ssl services:                              [  OK  ]

Stopping mailman services: Shutting down Mailman's master qrunner

Starting eximstats:                                        [  OK  ]
Starting cPanel services:                                  [  OK  ]
Starting cPanel Log services:                              [  OK  ]
Starting pop3 services:                                    [  OK  ]
Starting cPanel Chat services:                             [  OK  ]
Starting Melange Chat services:                            [  OK  ]
Starting cPanel ssl services:                              [FAILED]
Starting mailman services: Starting Mailman's master qrunner.


Jun  9 02:51:32 server stunnel: LOG5[30654:3086792928]: stunnel 4.15 on i686-pc-linux-gnu with OpenSSL 0.9.7a Feb 19 2003
Jun  9 02:51:32 server stunnel: LOG5[30654:3086792928]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
Jun  9 02:51:32 server stunnel: LOG5[30654:3086792928]: 500 clients allowed
Jun  9 02:51:32 server stunnel: LOG3[30654:3086792928]: Error binding pop3s to 0.0.0.0:995
Jun  9 02:51:32 server stunnel: LOG3[30654:3086792928]: bind: Address already in use (98)
Jun  9 02:51:32 server cpanel: startstunnel startup failed

I also checked /etx/xinetd.d/ and there is no *pop* file in there and all are disabled except for cpimap. Anybody can help? I already open a ticket, but still waiting..

Thanks
Luke

 

[Stephanie_R]

Starting cPanel ssl services: [FAILED]


I found the easiest fix to be as below,

I didn't have tiome to hit the links to other posts so forgive me if I'm duplicating:

ps -ef | grep stunnel

kill -9 <PID>

/etc/init.d/cpanel restart

Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting cPanel Log services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services: [ OK ]
Starting Melange Chat services: [ OK ]
Starting cPanel ssl services: [ OK ]

Then go reset the cert in WHM, all is good.

As I said if this is a dupe, please forgive my lack of time to read everything through.

 

[Pinoywh]

Hi,


Thanks for the reply, stopping stunnel does not help, coz I think there is a conflict and I don't know where I can find it.. and release it..

kindly help

 

[Dawzz]

Pinoywh

I had this problem and doing the 3 step method would work until reboot or cpanel restart.
What I ended up doing was edit /etc/xinetd.d/popa3d to make sure that it had enable=no seems that it was enabled by default from fresh install of os.

 

[Pinoywh]

Hi,

Thanks for the reply, but that file or any with *pop* is not present... and I checked all files and all are set to disable=yes except for cpimap.

Regards,
Luke

 

[acenetryan]

If you look at some of my earlier posts, I had some trouble with courier on new installs of cPanel. After digging, I found that courier controls cppop. However, on fresh installs, it seems to create a port conflict. I obviously can't stop courier, but I've found that running the following fixed things for me:

service courier-authlib stop
service courier-imap stop
service cpanel restart
service courier-authlib start
service courier-imap start

 

[Pinoywh]

Hi,

Thank you so much! This workaround works! Excellent :D

Regards,
Luke

 

[jboarman]

This Fixed My Probleb Too!

As a newbie, I was having a lot of trouble figuring out how to replace the WHM default cpanel.pem cert. After modifying the script as instructed here and stopping and starting the cpanel service, the new cert appeared like magic.

How can we report this bug to cPanel to fix permanently?!?

Also, are there cookbook-style helper docs out there to help a newbie install the WHM server managemet cert? This needs to be created, perhaps I will if it does not already exist. Lemme Know!

-Jonathan