SOLVED: Apache / SSL problems - related to a VPS / firewall?

[drkirkby]

I have paid for a Virtual Private Server (VPS) at 1&1 in the UK to host http://www.kickbymicrowave.co.uk/ and hopefully a secure version https://www.kickbymicrowave.co.uk/, but the latter is presenting me problems.

The It is running Debian. 9

Code: Select all

root@localhost:~# cat /etc/issue
Debian GNU/Linux 9 \n \l

I installed the Apache ssl module, installed SSL certificates, and have in the Apache configuration file

Code: Select all

 /etc/apache2/sites-enabled/000-default.conf,

a Virtual Host with

Code: Select all

<VirtualHost *:443>
        ServerName www.kickbymicrowave.co.uk
        ServerAdmin drkirkby@kickbymicrowave.co.uk
        DocumentRoot /var/www/html/kickbymicrowave.co.uk
        ErrorLog ${APACHE_LOG_DIR}/error-kickbymicrowave.co.uk-SSL.log
        CustomLog ${APACHE_LOG_DIR}/access-kickbymicrowave.co.uk-SSL.log combined
        SSLEngine on
        SSLCertificateKeyFile /etc/ssl/private/www_kickbymicrowave_co_uk.key
        SSLCertificateFile /etc/ssl/ssl.crt/www_kickbymicrowave_co_uk.crt
        SSLCertificateChainFile /etc/ssl/ssl.crt/www_kickbymicrowave_co_uk.ca-bundle
</VirtualHost>

Using a browser tor try to connect to the secure website https://www.kickbymicrowave.co.uk/ fails - the browser just waits forever.

As far as I can determine, port 443 is open on the server, as I can telnet to the port, and its clear telnet connects, although of course there's nothing useful one can do with telnet, but it is an easy way to see if a port is open.

Code: Select all

root@localhost:~# telnet localhost 443
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.

lsof shows port 443 is open too.

But from a remote computer,

Code: Select all

drkirkby@hawk:~$ telnet 109.228.58.153 443
Trying 109.228.58.153...
telnet: Unable to connect to remote host: Connection timed out
drkirkby@hawk:~$ 

I have not configured any firewall, but wondered if there was one enabled that was blocking port 443.

Code: Select all

root@localhost:/etc/apache2/sites-enabled# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

I don't think its a firewall issue. I'm really a bit puzzled. Can anyone suggest anything?

[drkirkby]

I found the solution - the 1&1 control panel for the virtual private server (VPS) had to be configured to allow port 443 in.

[debiman]

good.
fwiw, i can see the https version just like the http version.
now please mark your thread SOLVED.

[drkirkby]

good.
fwiw, i can see the https version just like the http version.
now please mark your thread SOLVED.

How do I do that? Is there a specific button button on the site to do that, or shall I just change the title to include the word SOLVED?

[arzgi]

How do I do that? Is there a specific button button on the site to do that, or shall I just change the title to include the word SOLVED?

The latter, edit the first post of the thread, and insert SOLVED at the beginning of title.