SOLVED: Apache / SSL problems - related to a VPS / firewall?

Kernels & Hardware, configuring network, installing services

SOLVED: Apache / SSL problems - related to a VPS / firewall?

Postby drkirkby » 2018-06-18 00:07

I have paid for a Virtual Private Server (VPS) at 1&1 in the UK to host http://www.kirkbymicrowave.co.uk/ and hopefully a secure version https://www.kirkbymicrowave.co.uk/, but the latter is presenting me problems.

The It is running Debian. 9
Code: Select all

root@localhost:~# cat /etc/issue
Debian GNU/Linux 9 \n \l


I installed the Apache ssl module, installed SSL certificates, and have in the Apache configuration file
Code: Select all
 /etc/apache2/sites-enabled/000-default.conf,
a Virtual Host with

Code: Select all
<VirtualHost *:443>
        ServerName www.kirkbymicrowave.co.uk
        ServerAdmin drkirkby@kirkbymicrowave.co.uk
        DocumentRoot /var/www/html/kirkbymicrowave.co.uk
        ErrorLog ${APACHE_LOG_DIR}/error-kirkbymicrowave.co.uk-SSL.log
        CustomLog ${APACHE_LOG_DIR}/access-kirkbymicrowave.co.uk-SSL.log combined
        SSLEngine on
        SSLCertificateKeyFile /etc/ssl/private/www_kirkbymicrowave_co_uk.key
        SSLCertificateFile /etc/ssl/ssl.crt/www_kirkbymicrowave_co_uk.crt
        SSLCertificateChainFile /etc/ssl/ssl.crt/www_kirkbymicrowave_co_uk.ca-bundle
</VirtualHost>



Using a browser tor try to connect to the secure website https://www.kirkbymicrowave.co.uk/ fails - the browser just waits forever.

As far as I can determine, port 443 is open on the server, as I can telnet to the port, and its clear telnet connects, although of course there's nothing useful one can do with telnet, but it is an easy way to see if a port is open.

Code: Select all
root@localhost:~# telnet localhost 443
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.


lsof shows port 443 is open too.

But from a remote computer,
Code: Select all
drkirkby@hawk:~$ telnet 109.228.58.153 443
Trying 109.228.58.153...
telnet: Unable to connect to remote host: Connection timed out
drkirkby@hawk:~$

I have not configured any firewall, but wondered if there was one enabled that was blocking port 443.

Code: Select all
root@localhost:/etc/apache2/sites-enabled# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         


I don't think its a firewall issue. I'm really a bit puzzled. Can anyone suggest anything?
Last edited by drkirkby on 2018-06-19 17:42, edited 1 time in total.
drkirkby
 
Posts: 6
Joined: 2018-06-17 23:24

Re: Apache / SSL problems - related to a VPS / firewall ??

Postby drkirkby » 2018-06-18 00:56

I found the solution - the 1&1 control panel for the virtual private server (VPS) had to be configured to allow port 443 in.
drkirkby
 
Posts: 6
Joined: 2018-06-17 23:24

Re: Apache / SSL problems - related to a VPS / firewall ??

Postby debiman » 2018-06-18 05:09

good.
fwiw, i can see the https version just like the http version.
now please mark your thread SOLVED.
User avatar
debiman
 
Posts: 2818
Joined: 2013-03-12 07:18

Re: Apache / SSL problems - related to a VPS / firewall ??

Postby drkirkby » 2018-06-18 09:13

debiman wrote:good.
fwiw, i can see the https version just like the http version.
now please mark your thread SOLVED.


How do I do that? Is there a specific button button on the site to do that, or shall I just change the title to include the word SOLVED?
drkirkby
 
Posts: 6
Joined: 2018-06-17 23:24

Re: Apache / SSL problems - related to a VPS / firewall ??

Postby arzgi » 2018-06-18 13:27

drkirkby wrote:How do I do that? Is there a specific button button on the site to do that, or shall I just change the title to include the word SOLVED?



The latter, edit the first post of the thread, and insert SOLVED at the beginning of title.
arzgi
 
Posts: 340
Joined: 2008-02-21 17:03
Location: Finland


Return to System configuration

Who is online

Users browsing this forum: sunrat and 4 guests

fashionable