PDA

View Full Version : System not listening on Port 443



rexemtrebor
03-Apr-2014, 14:36
Hi,

SSL is not working on my testserver any more and I am running out of ideas how to solve the problem.


The module apache module is activated
Apache/2.2.12 (Linux/SUSE) PHP/5.3.17 mod_ssl/2.2.12 OpenSSL/0.9.8j-fips configured
listen.conf is configured to Listen to 443
<IfDefine SSL>
<IfDefine !NOSSL>
<IfModule mod_ssl.c>
Listen A.STATIC.IP.ADRESS:443
</IfModule>
</IfDefine>
</IfDefine>
There is a virtual host for SSL - with SSLEngine On and self signed SSL certifcates
Firewall is completely shut down to be sure that this is not the problem


So everything looks fine - but I cant access my server via https. No wonder - nmap says:


Interesting ports on A.STATIC.IP.ADRESS:
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
3306/tcp open mysql


So: Any idea would be apprechiated. I think the last time I checked if it was working before I made the Update to SLES 11 SP3 - but I found nothing that could indicate problems with SP3 and SSL.

Thanks,

Rexem

rexemtrebor
03-Apr-2014, 15:24
OK, found my error: My NginX server made the trouble, despite it is not configured for Port 443. I still dont know why, but since I removed NginX from my init.d I am able to use 443 for apache again....

smflood
03-Apr-2014, 15:37
On 03/04/2014 14:44, rexemtrebor wrote:

> SSL is not working on my testserver any more and I am running out of
> ideas how to solve the problem.
>
>
> - The module apache module is activated
> Code:
> --------------------
> Apache/2.2.12 (Linux/SUSE) PHP/5.3.17 mod_ssl/2.2.12 OpenSSL/0.9.8j-fips configured
> --------------------
>
> - listen.conf is configured to Listen to 443
> Code:
> --------------------
> <IfDefine SSL>
> <IfDefine !NOSSL>
> <IfModule mod_ssl.c>
> Listen A.STATIC.IP.ADRESS:443
> </IfModule>
> </IfDefine>
> </IfDefine>
> --------------------

Correction - listen.conf is configured to listen on port 443 _if_ the
right conditions are met, namely that SSL is defined and NOSSL is not.

> - There is a virtual host for SSL - with SSLEngine On and self signed
> SSL certifcates
> - Firewall is completely shut down to be sure that this is not the
> problem
>
>
> So everything looks fine - but I can�t access my server via https. No
> wonder - nmap says:
>
>
> Code:
> --------------------
> Interesting ports on A.STATIC.IP.ADRESS:
> Not shown: 996 closed ports
> PORT STATE SERVICE
> 22/tcp open ssh
> 80/tcp open http
> 111/tcp open rpcbind
> 3306/tcp open mysql
>
> --------------------
>
>
> So: Any idea would be apprechiated. I think the last time I checked if
> it was working before I made the Update to SLES 11 SP3 - but I found
> nothing that could indicate problems with SP3 and SSL.

Following on from my comment above, have you set the SSL server flag in
/etc/sysconfig/apache2? Use "grep SERVER_FLAGS /etc/sysconfig/apache2"
to quickly check.

If APACHE_SERVER_FLAGS does not include "SSL" then edit
/etc/sysconfig/apache2 and add SSL between the quotes before restarting
Apache.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------

smflood
03-Apr-2014, 15:41
On 03/04/2014 15:34, rexemtrebor wrote:

> OK, found my error: My NginX server made the trouble, despite it is not
> configured for Port 443. I still don�t know why, but since I removed
> NginX from my init.d I am able to use 443 for apache again....

I'm guessing that NginX was configured for port 443 which it grabbed
thus stopping Apache from listening on it although an error should have
been reported when starting Apache.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------