So today my server and all it's domains stopped working because the nginx config was invalid... took a few hours but I figured out what happened:

• Added a (self-signed) existing certificate to the site
• Added another (self-signed) existing certificate to the site (with the intend of replacing the old one)
• Removing the old certificate

Result: Broken nginx config and server state since the SSL files are removed from the server but the nginx configuration still includes them.

Note: I did these steps a few weeks ago, only broke now because I had to restart nginx for package updates.

After debugging I found this is because the SSL config is created as /etc/nginx/ssl/<sitename> and corresponding /etc/nginx/ssl/certificates/<sitename>.{crt,key}. When multiple certificates are named the same (the user has no control over this name) Ploi simply overwrites existing files. When then removing one of the certificates from Ploi the files are simply deleted, but since Ploi still has a certificate listed the SSL config stays trying to include the deleted /etc/nginx/ssl/<sitename> causing the nginx config to be in a broken state. Can only be recovered by re-creating a self-signed cert or removing all certificates from Ploi.

The choice to use <sitename> for the filenames seems like a poor choice in this scenario since multiple certificates can have the same filename causing conflicts and an unexpected state on the server.

Please note that the self-signed certs do not list the <sitename> in them (I explicitly tested this) to see if I had any control over the physical filenames but it seems like self-signed certs (possibly others) have a harcoded filename.

This is obviously not very good, hope it can be fixed since Ploi did not stop me from doing this action it seems like this sequence of actions should be supported! :)