Renewal of Let’s Encrypt Certificates Using Plesk

Note to self: If the Let’s Encrypt extension for Plesk fails to renew a certificate (when triggered manually), disable the automatic forwarding to an SSL connection in the Apache settings. This forced secure connection seems to disturb the renewal script.

The error I got was something like this:

Let's Encrypt SSL certificate installation failed: Failed letsencrypt execution: 2016-01-19 13:56:07,885:WARNING:letsencrypt.cli:Root (sudo) is required to run most of letsencrypt functionality. Failed authorization procedure. removed.domain.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://removed.domain.com/.well-known/acme-challenge/REMOVED-ID [REMOVED IP]: 401 IMPORTANT NOTES: - The following errors were reported by the server: Domain: removed.domain.com Type: urn:acme:error:unauthorized Detail: Invalid response from http://removed.domain.com /.well-known/acme- challenge/REMOVED-ID [REMOVED IP]: 401

See also this bug report on Github.

Let’s hope the extension is going to renew all certificates automatically every month from now on, as it should.

Owncloud with Apache 2.4, PHP FPM, and Plesk

After about two weeks of fiddling around, I finally managed to get my own instance of owncloud up and running with Apache behind Plesk. Here’s how I did it:

  1. Set up a sub-domain in Plesk, e.g. owcloud.mydomain.com
  2. Set up a database for owncloud using Plesk.
  3. Make sure to use HTTP strict transport security by adding the following Apache HTTPS directive:
  4. Create a directory for your owncloud data, e.g. /var/oc_data
  5. Give sufficient permissions to your HTTP user on the data directory:

    In my case, user1 is the the name of the Plesk user with which I had created the sub-domain. psacln is the group assigned to this user by Plesk.
  6. Update PHP to version 5.6.x. There is this bug in version 5.5.x which makes owncloud unusable if you don’t want to use mod_php (which is discouraged).
  7. Configure PHP in Plesk and Apache as follows:
    • Run PHP as an FPM application
    • Set open_basedir to {WEBSPACEROOT}{/}{:}{TMP}{/}{:}/dev/urandom{:}/var/oc_data{/}
    • Set memory_limit to 256M (or something like that)
    • Set max_execution_time to 120 (or something like that)
    • Set max_input_time to 120 (or something like that)
    • Set post_max_size to 128M (or something like that)
    • Set upload_max_filesize to 64M (or something like that)
  8. Check this owncloud documentation page for potential additional PHP settings when running in FPM mode.
  9. Download the setup-owncloud.php web installer as described here and run it from your browser.
  10. Have fun.