Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Connection refused on HTTPS |
|
| Author |
|
rickwschneider
Joined: 23 Jan 2019
Posts: 7
|
 Posted: Mon 01 Apr '19 22:58 Post subject: Connection refused on HTTPS |
 |
|
I've just discovered a strange issue on my apache server. According to Apache, it's listening on port 443 on IP address 192.168.142.50. I can reach the website "cms.hbidev.com" on port 80, but when I try to reach it over SSL (443), I get connection refused from the server. I've tried this both locally, from the server itself, and remotely.
The firewall is disabled, and SELinux is turned off. The HTTP daemon is running, so I don't think there's an issue with the SSL directives in the config. Any ideas what I might be doing wrong here?
Any help would be greatly appreciated. Thanks in advance.
Here is my configuration file:
| Code: |
<VirtualHost 192.168.142.50:80>
ServerName cms.hbidev.com
DocumentRoot /var/www/html/cms.hbidev.com/public_html
ErrorLog /var/www/html/cms.hbidev.com/logs/error.log
CustomLog /var/www/html/cms.hbidev.com/logs/requests.log combined
Options +Includes
</VirtualHost>
<VirtualHost 192.168.142.50:443>
ServerName cms.hbidev.com
SSLEngine on
SSLCertificateFile /etc/httpd/cert/_.hbidev.com.crt
SSlCertificateKeyFile /etc/httpd/cert/_.hbidev.com.pem
DocumentRoot /var/www/html/cms.hbidev.com/public_html
ErrorLog /var/www/html/cms.hbidev.com/logs/error.log
CustomLog /var/www/html/cms.hbidev.com/logs/requests.log combined
Options +Includes
</VirtualHost>
|
Here is the output of apachectl -S:
| Code: |
[root@cms conf.d]# apachectl -S
VirtualHost configuration:
192.168.144.50:80 is a NameVirtualHost
....... (redacted) .........
192.168.144.50:443 is a NameVirtualHost
....... (redacted) .........
192.168.142.50:80 cms.hbidev.com (/etc/httpd/conf.d/cms.hbidev.com.conf:1)
192.168.142.50:443 cms.hbidev.com (/etc/httpd/conf.d/cms.hbidev.com.conf:8)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/etc/httpd/htdocs"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
|
|
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7294
Location: Germany, Next to Hamburg
|
|
| Back to top |
|
rickwschneider
Joined: 23 Jan 2019
Posts: 7
|
| Posted: Tue 02 Apr '19 16:27 Post subject: |
|
|
OK, here's the full output of apachectl -S:
| Code: |
VirtualHost configuration:
192.168.174.50:80 is a NameVirtualHost
default server dev.zthefutureisnow.com (/etc/httpd/conf.d/dev.zthefutureisnow.com.conf:1)
port 80 namevhost dev.zthefutureisnow.com (/etc/httpd/conf.d/dev.zthefutureisnow.com.conf:1)
port 80 namevhost kaaltv.hbidev.com (/etc/httpd/conf.d/kaaltv.hbidev.com.conf:1)
alias kaaltv.preview.hbidev.com
port 80 namevhost kob.hbidev.com (/etc/httpd/conf.d/kob.hbidev.com.conf:1)
alias kob.preview.hbidev.com
port 80 namevhost kstp.hbidev.com (/etc/httpd/conf.d/kstp.hbidev.com.conf:1)
alias kstp.preview.hbidev.com
port 80 namevhost wdio.hbidev.com (/etc/httpd/conf.d/wdio.hbidev.com.conf:1)
alias wdio.preview.hbidev.com
port 80 namevhost whec.hbidev.com (/etc/httpd/conf.d/whec.hbidev.com.conf:1)
alias whec.preview.hbidev.com
port 80 namevhost wnyt.hbidev.com (/etc/httpd/conf.d/wnyt.hbidev.com.conf:1)
alias wnyt.preview.hbidev.com
192.168.174.50:443 is a NameVirtualHost
default server dev.zthefutureisnow.com (/etc/httpd/conf.d/dev.zthefutureisnow.com.conf:9)
port 443 namevhost dev.zthefutureisnow.com (/etc/httpd/conf.d/dev.zthefutureisnow.com.conf:9)
port 443 namevhost kaaltv.hbidev.com (/etc/httpd/conf.d/kaaltv.hbidev.com.conf:9)
alias kaaltv.preview.hbidev.com
port 443 namevhost kob.hbidev.com (/etc/httpd/conf.d/kob.hbidev.com.conf:10)
alias kob.preview.hbidev.com
port 443 namevhost kstp.hbidev.com (/etc/httpd/conf.d/kstp.hbidev.com.conf:10)
alias kstp.preview.hbidev.com
port 443 namevhost wdio.hbidev.com (/etc/httpd/conf.d/wdio.hbidev.com.conf:10)
alias wdio.preview.hbidev.com
port 443 namevhost whec.hbidev.com (/etc/httpd/conf.d/whec.hbidev.com.conf:10)
alias whec.preview.hbidev.com
port 443 namevhost wnyt.hbidev.com (/etc/httpd/conf.d/wnyt.hbidev.com.conf:10)
alias wnyt.preview.hbidev.com
192.168.172.50:80 cms.hbidev.com (/etc/httpd/conf.d/cms.hbidev.com.conf:1)
192.168.172.50:443 cms.hbidev.com (/etc/httpd/conf.d/cms.hbidev.com.conf:8)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/etc/httpd/htdocs"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: _RH_HAS_HTTPPROTOCOLOPTIONS
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
|
|
|
| Back to top |
|
rickwschneider
Joined: 23 Jan 2019
Posts: 7
|
| Posted: Tue 02 Apr '19 16:34 Post subject: |
|
|
And here is the contents of httpd.conf:
| Code: |
ServerRoot "/etc/httpd"
Listen 80
LoadModule speling_module modules/mod_speling.so
CheckSpelling on
CheckCaseOnly on
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
<Directory />
AllowOverride none
Require all denied
</Directory>
<Directory "/var/www">
AllowOverride All
Require all granted
</Directory>
<Directory "/var/www/html">
Options FollowSymLinks
Options +Includes
Options -MultiViews
AllowOverride All
Require all granted
<Files ~ "\.inc$">
<If "(%{SERVER_PROTOCOL} == 'INCLUDED')">
Require all granted
</If>
<Else>
Require all denied
</Else>
</Files>
</Directory>
<IfModule dir_module>
DirectoryIndex index.cfm index.shtml index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
<IfModule include_module>
AddType text/html .shtml
AddType text/html .html
AddType text/html .inc
AddOutputFilter INCLUDES .shtml
AddOutputFilter INCLUDES .html
AddOutputFilter INCLUDES .inc
</IfModule>
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
Include "/etc/httpd/conf/mod_jk.conf"
Include "/opt/coldfusion2018/config/wsconfig/1/mod_jk_vhost.conf"
KeepAlive Off
TimeOut 3700
|
|
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7294
Location: Germany, Next to Hamburg
|
| Posted: Mon 08 Apr '19 20:30 Post subject: |
|
|
The part of the SSL config is still missing.
If it still doesn't work, please try the SSL config that I posted. |
|
| Back to top |
|
|
|
|
|
|
