Re: [opensuse] Apache2/SSL - OpenSuse 12.2
James D. Parra said the following on 11/14/2013 08:08 PM:
I did find something interesting. When running nmap from another machine I see that port 443 is not listening on the web server. The only ports open are;
PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 10000/tcp open snet-sensor-mgmt
Since there in no firewall running, what is preventing port 443 from listening?
I wonder about the line ServerName www.servername.com:443 shouldn't that be simply ServerName www.servername.com Have you looked that the logs for startup? Have you tried manually starting from the command line? ~~~~~~~ Thank you for your reply Anton. The servername without the ":443" is the other vhost which is on port 80. ll vhosts.d/ total 28 -rw-r--r-- 1 root root 515 Apr 19 2012 www.servername.com.conf -rw-r--r-- 1 root root 741 Nov 14 17:11 www.servername.com:443.conf <end> There is nothing in the logs and using '/etc/init.d/apache restart' does not give any errors. It appears that apache is not opening port 443 for listening. Best regards, James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James D. Parra said the following on 11/14/2013 08:36 PM: There is no need, to reply to BOTH the list and to me. I subscribe to the list so any mail there will reach me.
There is nothing in the logs and using '/etc/init.d/apache restart' does not give any errors. It appears that apache is not opening port 443 for listening.
Have you told it to listen on 443? Listen 80 Listen 443 What level have you set the logs to? If you don't get anything useful, try changing the LogLevel value to "debug". -- Once upon a time the plural of 'wizard' was 'war'. (The Last Continent) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Thank you for the reply.
There is no need, to reply to BOTH the list and to me. I subscribe to the list so any mail there will reach me.
I use Reply-All otherwise Reply will only reply to your address. I'll remove your address when sending.
There is nothing in the logs and using '/etc/init.d/apache restart' does not give any errors. It appears that apache is not opening port 443 for listening.
Have you told it to listen on 443?
Listen 80 Listen 443
What level have you set the logs to? If you don't get anything useful, try changing the LogLevel value to "debug".
I included the listen.conf entry in the original post showing 'Listen 443' was set, however that is not opening the port. I'll switched to debug value and unfortunately nothing new was revealed. With port 443 not open, requests aren't even reaching the server. Something is preventing it from opening and with the firewall disabled, I am not sure what is. Thank you, James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James D. Parra said the following on 11/15/2013 01:54 PM:
Something is preventing it from opening and with the firewall disabled, I am not sure what is.
When you say 'firewall' do you mean an external appliance or do you mean that you have completely turned IPTables off? -- I brief; you leak; he/she commits a criminal offence by divulging classified information. -- British Civil Service Verb -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
James D. Parra said the following on 11/15/2013 01:54 PM:
Something is preventing it from opening and with the firewall disabled, I am not sure what is.
When you say 'firewall' do you mean an external appliance or do you mean that you have completely turned IPTables off? ~~~~~~~~~~~~~~~~~~~ The local firewall/iptables is disabled and there is no firewall between it and the rest of the local network. Best regards, James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 15 of November 2013 10:54:50 James D. Parra wrote:
I included the listen.conf entry in the original post showing 'Listen 443' was set, however that is not opening the port. I'll switched to debug value and unfortunately nothing new was revealed. With port 443 not open, requests aren't even reaching the server. Something is preventing it from opening and with the firewall disabled, I am not sure what is.
Did you set APACHE_SERVER_FLAGS="SSL" in /etc/sysconfig/apache2? Afterwards, systemctl restart apache2.
Thank you,
James
Hoping this helps, Peter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Friday 15 of November 2013 10:54:50 James D. Parra wrote:
I included the listen.conf entry in the original post showing 'Listen 443' was set, however that is not opening the port. I'll switched to debug value and unfortunately nothing new was revealed. With port 443 not open, requests aren't even reaching the server. Something is preventing it from opening and with the firewall disabled, I am not sure what is.
Did you set APACHE_SERVER_FLAGS="SSL" in /etc/sysconfig/apache2? Afterwards, systemctl restart apache2.
Thank you,
James
Hoping this helps, Peter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Thank you, Thank you, Thank you. Peter, that was the fix. I would not have known to look there, only in http.conf & listen.conf. Port 443 is now open and the site is working on https. Again, many thanks. James -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Anton Aylward
-
auxsvr@gmail.com
-
James D. Parra