New Install mod_ssl won't listen on port 443

Discussion in 'Installation/Configuration' started by dpicella, Apr 27, 2009.

  1. dpicella

    dpicella New Member

    I just installed ISPConfig 3 and I can't get mod_ssl to listen on port 443

    As far as I can tell Apache should listen to my VirtualHost directives on port 443.

    I'm getting "failure to connect"

    I have a dedicated IP and the csr and key files are in place. It should work. I've restarted the server and rebooted the machine. Here is the apache config section for the domain.

    Code:
    <IfModule mod_ssl.c>
    ###########################################################
    # SSL Vhost
    ###########################################################
    
    <VirtualHost 208.166.54.19:443>
          DocumentRoot /var/www/majella.us/web
    
        ServerName majella.us
        ServerAdmin [email protected]
    
        ErrorLog /var/log/ispconfig/httpd/majella.us/error.log
    
        ErrorDocument 400 /error/400.html
        ErrorDocument 401 /error/401.html
        ErrorDocument 403 /error/403.html
        ErrorDocument 404 /error/404.html
        ErrorDocument 405 /error/405.html
        ErrorDocument 500 /error/500.html
        ErrorDocument 503 /error/503.html
    
        SSLEngine on
        SSLCertificateFile /var/www/clients/client1/web2/ssl/majella.us.crt
        SSLCertificateKeyFile /var/www/clients/client1/web2/ssl/majella.us.key
    
            <Directory /var/www/majella.us/web>
            Options FollowSymLinks
            AllowOverride Indexes AuthConfig Limit
            Order allow,deny
            Allow from all
    
            # ssi enabled
            AddType text/html .shtml
            AddOutputFilter INCLUDES .shtml
            Options +Includes
        </Directory>
        <Directory /var/www/clients/client1/web2/web>
            Options FollowSymLinks
            AllowOverride Indexes AuthConfig Limit
            Order allow,deny
            Allow from all
    
            # ssi enabled
            AddType text/html .shtml
            AddOutputFilter INCLUDES .shtml
            Options +Includes
        </Directory>
    
        # cgi enabled
            <Directory /var/www/clients/client1/web2/cgi-bin>
          Order allow,deny
          Allow from all
        </Directory>
        ScriptAlias  /cgi-bin/ /var/www/clients/client1/web2/cgi-bin/
        AddHandler cgi-script .cgi
        AddHandler cgi-script .pl
        # ssi enabled
        AddType text/html .shtml
        AddOutputFilter INCLUDES .shtml
        # mod_php enabled
        AddType application/x-httpd-php .php .php3 .php4 .php5
            php_admin_value sendmail_path "/usr/sbin/sendmail -t -i [email protected]"
        php_admin_value upload_tmp_dir /var/www/clients/client1/web2/tmp
        php_admin_value session.save_path /var/www/clients/client1/web2/tmp
        #php_admin_value open_basedir /var/www/clients/client1/web2:/usr/share/php5
    
    
    </VirtualHost>
    </IfModule>
    
    
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post the output of:

    netstat -tap
     
  3. dpicella

    dpicella New Member

    ISPConfig 3 won't listen on 443 netstat -tap

    Here is the output - Cheers!
    Code:
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
    tcp        0      0 *:imaps                     *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:pop3s                     *:*                         LISTEN      2176/dovecot        
    tcp        0      0 localhost.localdomain:10024 *:*                         LISTEN      2250/amavisd (maste 
    tcp        0      0 localhost.localdomain:10025 *:*                         LISTEN      2338/master         
    tcp        0      0 *:mysql                     *:*                         LISTEN      2153/mysqld         
    tcp        0      0 *:pop3                      *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:imap                      *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:sunrpc                    *:*                         LISTEN      1701/rpcbind        
    tcp        0      0 *:48080                     *:*                         LISTEN      1714/rpc.statd      
    tcp        0      0 *:ftp                       *:*                         LISTEN      2370/pure-ftpd (SER 
    tcp        0      0 mail.jprehost.com:domain    *:*                         LISTEN      1979/named          
    tcp        0      0 localhost.localdomai:domain *:*                         LISTEN      1979/named          
    tcp        0      0 *:ssh                       *:*                         LISTEN      2029/sshd           
    tcp        0      0 localhost.localdomain:ipp   *:*                         LISTEN      2466/cupsd          
    tcp        0      0 *:smtp                      *:*                         LISTEN      2338/master         
    tcp        0      0 localhost.localdomain:rndc  *:*                         LISTEN      1979/named          
    tcp        0      0 localhost.localdomain:mysql localhost.localdomain:46467 ESTABLISHED 2153/mysqld         
    tcp        0      0 localhost.localdomain:54467 localhost.localdomain:mysql ESTABLISHED 2368/amavisd (ch8-a 
    tcp        0      0 localhost.localdomain:mysql localhost.localdomain:46463 TIME_WAIT   -                   
    tcp        0      0 localhost.localdomain:mysql localhost.localdomain:46468 ESTABLISHED 2153/mysqld         
    tcp        0      0 localhost.localdomain:46466 localhost.localdomain:mysql ESTABLISHED 11967/smtpd         
    tcp        0      0 localhost.localdomain:46464 localhost.localdomain:mysql TIME_WAIT   -                   
    tcp        0      0 localhost.localdomain:46468 localhost.localdomain:mysql ESTABLISHED 11967/smtpd         
    tcp        0      0 localhost.localdomain:46467 localhost.localdomain:mysql ESTABLISHED 11967/smtpd         
    tcp        0      0 localhost.localdomain:40004 localhost.localdomain:mysql ESTABLISHED 2369/amavisd (ch7-a 
    tcp        0      0 localhost.localdomain:46465 localhost.localdomain:mysql TIME_WAIT   -                   
    tcp        0     48 mail.jprehost.com:ssh       44.101.152.151.duarte:24543 ESTABLISHED 11977/0             
    tcp        0      0 localhost.localdomain:mysql localhost.localdomain:40004 ESTABLISHED 2153/mysqld         
    tcp        0      0 localhost.localdomain:mysql localhost.localdomain:46466 ESTABLISHED 2153/mysqld         
    tcp        0      0 localhost.localdomain:mysql localhost.localdomain:54467 ESTABLISHED 2153/mysqld         
    tcp        0      0 *:imaps                     *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:pop3s                     *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:pop3                      *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:imap                      *:*                         LISTEN      2176/dovecot        
    tcp        0      0 *:sunrpc                    *:*                         LISTEN      1701/rpcbind        
    tcp        0      0 *:webcache                  *:*                         LISTEN      2726/httpd          
    tcp        0      0 *:http                      *:*                         LISTEN      2726/httpd          
    tcp        0      0 *:ftp                       *:*                         LISTEN      2370/pure-ftpd (SER 
    tcp        0      0 *:ssh                       *:*                         LISTEN      2029/sshd           
    tcp        0      0 *:smtp                      *:*                         LISTEN      2338/master         
    tcp        0      0 localhost6.localdomain:rndc *:*                         LISTEN      1979/named          
    tcp        0      0 mail.jprehost.com:http      rate-limited-proxy-20:35841 TIME_WAIT   -                   
    
    
     
  4. dpicella

    dpicella New Member

    netstat -tap for the newbie

    Can't say I have much experience with this command, but the first thing I notice is that *:http is on the list but *:https is not. Assuming that is the problem, I don't know how to fix it. I Googled for it, but that wasn't much help. Seems like netstat can do a lot of really useful things!

    Can't wait to find out what the heck is going on here.
     
  5. falko

    falko Super Moderator ISPConfig Developer

    Which distribution are you using?
    Which tutorial (URL) did you use to set the server up?
     
  6. dpicella

    dpicella New Member

    ISPConfig Software Version Info

    Software

    Fedora release 10 (cambridge)
    ISPConfig 3.0.1.1

    yum packages all up to date

    FYI ... I had the same problem with ISPConfig 2 and never did get the SSL certificates to work - "connection refused" ... although ISPConfig 2 did correctly use its SSL certificate on port 81 when it was installed.

    Cheers! Thank you in advance for your help!
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

  8. dpicella

    dpicella New Member

    not listenting because mod_ssl was not installed

    till,

    I did some investigation and found that it was "mod_ssl" that was not installed.

    After I installed it ... everything worked.

    I feel a bit stupid that the answer was that simple, but it was!

    Thank you!

    # yum install mod_ssl
     

Share This Page