Starting cPanel ssl services: [Failed]

acenetryan

Well-Known Member
PartnerNOC
Aug 21, 2005
197
1
168
This was a fun little error. I will share in case anyone else comes across this.

Upon restarting cPanel, I would see the following error:

Starting cPanel ssl services: [FAILED]

and in /var/log/messages:

Error binding pop3s to 0.0.0.0:995
bind: Address already in use (98)

I checked the usual fix, /etc/xinetd.d/, made sure there were no port conflicts. Tried again, same error.

After

ps aux | grep stunnel

I notice my processes are still many days old (i.e. they are not getting killed).

After digging, I find the script responsible for stopping stunnel:

/usr/local/cpanel/etc/init/stopstunnel

pico stopstunnel

shows:

#!/usr/bin/perl

killstunnel();
sub killstunnel {
system("/scripts/ckillall -9 stunnel");
system("/scripts/ckillall -9 stunnel-3.22local");
system("/scripts/ckillall -9 stunnel-4.00local");
system("/scripts/ckillall -9 stunnel-4.02local");
system("/scripts/ckillall -9 stunnel-4.04local");
system("/scripts/ckillall -9 stunnel-4.05local");
}

but I'm running stunnel version 4.15!

added:

system("/scripts/ckillall -9 stunnel-4.15local");

Make sure to chattr your stopstunnel or cPanel will overwrite this each time you upcp.

chattr +i /usr/local/cpanel/etc/init/stopstunnel

Good to go.

Happy hunting.
 
Last edited:

neon-light

Member
Mar 16, 2006
5
0
151
Recently spotted I had the same problem, tried the other suggestions but this fixed it.
Many Thanks!
 

dragon2611

Well-Known Member
Nov 30, 2003
124
0
166
Had hte same problem here, fixed it for me to.

Considering Im running the release version of cpanel you'd think they would have spotted and fixed that bug before releasing it, i thought release was supposed to be the tested version :rolleyes:
 

Zpeed

Member
Mar 4, 2004
7
0
151
Hehe, nice. This solved my SSL problem. I put in a renewed SSL certificate, but whatever I tried it didn't seem to actually refresh. It now turns out I had the same stunnel problem and this fixed it!

See this thread

Thanks!
 

shacker23

Well-Known Member
Feb 20, 2005
263
1
168
In order for this tweak to work you'll first have to run:

/usr/local/cpanel/etc/init/stopstunnel
/usr/local/cpanel/etc/init/startstunnel

THEN you can try installing your certificate again.
 

acenetryan

Well-Known Member
PartnerNOC
Aug 21, 2005
197
1
168
Courier and port conflicts

Additionally, I've noticed on fresh installs of cPanel that courier is running by default. Apparently it creates a port conflict with cPanel SSL Services. I have to manually kill all the courier related processes before the cPanel secure ports will work.

I've searched the forums extensively and have been unable to find if I need to disable courier somewhere to stop these processes from starting again. I haven't seen the processes come back, so I'm guessing not. Can anyone shed some light?
 

acenetryan

Well-Known Member
PartnerNOC
Aug 21, 2005
197
1
168
Found it:

service courier-imap stop

I don't believe this will break any of my exim-related mail, but this is my first run in with courier. All sources on the web seem to indicate the two are very much unrelated. If anyone has any input, it's appreciated.

EDIT:

Looks like courier-imap and courier-authlib run cppop. I'm not at all familiar with this change, but it seems I shouldn't be killing these. Heh.
 
Last edited:

alex2k

Active Member
Sep 10, 2001
41
0
306
I got same problem about stunnel, I follow instruction on first post, I can run stunnel again.
But when access whm using https on port 2087, I got blank page only :(

Right now I cant access cpanel and whm using https.
Anyone know how to fix it?
 

avijit

Well-Known Member
Jul 26, 2004
116
0
166
India
run the /usr/local/cpanel/etc/init/startstunnel and then try to see if that allowes the access. Often It can be the firewall. So try iptables -F , iptables -X and see.
 

alex2k

Active Member
Sep 10, 2001
41
0
306
Thank's for reply avijit
I try your instructions, whm using ssl work but I still got blank page :(
 

Pinoywh

Active Member
Feb 4, 2005
35
0
156
HI,

Having this problem also, and all solutions found on this site is not working... kinldy help:

Code:
[email protected] [/etc/xinetd.d]# service cpanel restart
Stopping cPanel services:                                  [  OK  ]
Stopping pop3 services:                                    [  OK  ]
Stopping cPanel log services:                              [  OK  ]
Stopping cPanel Chat services:                             [  OK  ]
Stopping Melange Chat services:                            [  OK  ]
Stopping InterChange services:                             [FAILED]
Stopping cPanel ssl services:                              [  OK  ]

Stopping mailman services: Shutting down Mailman's master qrunner

Starting eximstats:                                        [  OK  ]
Starting cPanel services:                                  [  OK  ]
Starting cPanel Log services:                              [  OK  ]
Starting pop3 services:                                    [  OK  ]
Starting cPanel Chat services:                             [  OK  ]
Starting Melange Chat services:                            [  OK  ]
Starting cPanel ssl services:                              [FAILED]
Starting mailman services: Starting Mailman's master qrunner.


Jun  9 02:51:32 server stunnel: LOG5[30654:3086792928]: stunnel 4.15 on i686-pc-linux-gnu with OpenSSL 0.9.7a Feb 19 2003
Jun  9 02:51:32 server stunnel: LOG5[30654:3086792928]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
Jun  9 02:51:32 server stunnel: LOG5[30654:3086792928]: 500 clients allowed
Jun  9 02:51:32 server stunnel: LOG3[30654:3086792928]: Error binding pop3s to 0.0.0.0:995
Jun  9 02:51:32 server stunnel: LOG3[30654:3086792928]: bind: Address already in use (98)
Jun  9 02:51:32 server cpanel: startstunnel startup failed
I also checked /etx/xinetd.d/ and there is no *pop* file in there and all are disabled except for cpimap. Anybody can help? I already open a ticket, but still waiting..

Thanks
Luke
 

Stephanie_R

Active Member
Mar 1, 2004
36
0
156
Starting cPanel ssl services: [FAILED]


I found the easiest fix to be as below,

I didn't have tiome to hit the links to other posts so forgive me if I'm duplicating:

ps -ef | grep stunnel

kill -9 <PID>

/etc/init.d/cpanel restart

Starting eximstats: [ OK ]
Starting cPanel services: [ OK ]
Starting cPanel Log services: [ OK ]
Starting pop3 services: [ OK ]
Starting cPanel Chat services: [ OK ]
Starting Melange Chat services: [ OK ]
Starting cPanel ssl services: [ OK ]

Then go reset the cert in WHM, all is good.

As I said if this is a dupe, please forgive my lack of time to read everything through.
 

Pinoywh

Active Member
Feb 4, 2005
35
0
156
Hi,


Thanks for the reply, stopping stunnel does not help, coz I think there is a conflict and I don't know where I can find it.. and release it..

kindly help
 

Dawzz

Member
Nov 11, 2004
16
0
151
Pinoywh

I had this problem and doing the 3 step method would work until reboot or cpanel restart.
What I ended up doing was edit /etc/xinetd.d/popa3d to make sure that it had enable=no seems that it was enabled by default from fresh install of os.
 

Pinoywh

Active Member
Feb 4, 2005
35
0
156
Hi,

Thanks for the reply, but that file or any with *pop* is not present... and I checked all files and all are set to disable=yes except for cpimap.

Regards,
Luke
 

acenetryan

Well-Known Member
PartnerNOC
Aug 21, 2005
197
1
168
If you look at some of my earlier posts, I had some trouble with courier on new installs of cPanel. After digging, I found that courier controls cppop. However, on fresh installs, it seems to create a port conflict. I obviously can't stop courier, but I've found that running the following fixed things for me:

service courier-authlib stop
service courier-imap stop
service cpanel restart
service courier-authlib start
service courier-imap start
 

jboarman

Member
Jun 1, 2006
5
0
151
This Fixed My Probleb Too!

As a newbie, I was having a lot of trouble figuring out how to replace the WHM default cpanel.pem cert. After modifying the script as instructed here and stopping and starting the cpanel service, the new cert appeared like magic.

How can we report this bug to cPanel to fix permanently?!?

Also, are there cookbook-style helper docs out there to help a newbie install the WHM server managemet cert? This needs to be created, perhaps I will if it does not already exist. Lemme Know!

-Jonathan