Linode Forum :: Connections to https are refused

Linode Forum
Linode Community Forums

FAQ

Search

Members

Register

Login [ Anonymous ]

Connections to https are refused

Post new topic Reply to topic

Board index » Linux Community Forums » Web Servers and Web App Development

Previous topic | Next topic

Author

Message

ctarp

Post subject: Connections to https are refused

PostPosted: Sun May 27, 2012 6:17 pm

Offline

Newbie

Joined: Mon Dec 27, 2010 1:38 pm
Posts: 4

EDIT: After 4 hours, I can't believe it was only a matter of doing a2enmod ssl. Wow. Solved.

If I go to my site, connections over http are fine, but if I try https, connections are refused and I can't figure out why. Below is info from the only places I know to look.

default-ssl shows up in both /etc/apache2/sites-available and /etc/apache2/sites-enabled

Any ideas?

Ubuntu 12.04 LTS LAMP server

---BEGIN excerpt of /etc/apache2/sites-available/default-ssl -----
<IfModule mod_ssl.c>
<VirtualHost xx.xx.xx.xx:443>
ServerAdmin admin@xxxx.com
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>

SSLEngine on

SSLCertificateFile /etc/ssl/certs/certificate.crt
SSLCertificateKeyFile /etc/ssl/private/prvtky.key
SSLCertificateChainFile /etc/ssl/certs/intermediate.crt
---END excerpt of /etc/apache2/sites-available/default-ssl -----

---BEGIN /etc/iptables.firewall.rules ---------
*filter

# Allow all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

# Accept all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow all outbound traffic - you can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT

# Allow HTTP and HTTPS connections from anywhere (the normal ports for websites and SSL).
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

# Allow SSH connections
#
# The -dport number should be the same port number you set in sshd_config
#
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT

-A INPUT -p tcp --dport 143 -j ACCEPT
-A INPUT -p tcp --dport 993 -j ACCEPT
-A INPUT -p tcp --dport 25 -j ACCEPT

# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

# Reject all other inbound - default deny unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECT
COMMIT
---END /etc/iptables.firewall.rules ---------

Top

Profile

Reply with quote

Post new topic Reply to topic

Board index » Linux Community Forums » Web Servers and Web App Development

Who is online

Users browsing this forum: No registered users and 4 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

RSS