Https no accessible

fszontagh · September 10, 2017, 9:42am

NethServer Version: NethServer release 7.3.1611 (Final)
Module: web apps and all https

Hi All!

I have noticed some wweks ago, i can’t access to the https services.

All apps which listen to pot 443 is unaccessible.

The httpd server is not listening on the port 443

Thanks!

stephdl · September 10, 2017, 10:10am

something interesting in logs ?
/var/log/messages
/var/log/httpd/*

fszontagh · September 10, 2017, 10:15am

Nothing, everything is like normal behaviour.

Last https logs file is:

-rw-r–r-- 1 root root 7275 May 21 09:53 ssl_error_log-20170522
-rw-r–r-- 1 root root 147291 May 21 18:32 ssl_access_log-20170522
-rw-r–r-- 1 root root 170586 May 21 18:32 ssl_request_log-20170522
-rw-r–r-- 1 root root 5673 May 27 15:01 ssl_error_log-20170528
-rw-r–r-- 1 root root 586369 May 28 02:11 ssl_access_log-20170528
-rw-r–r-- 1 root root 711665 May 28 02:11 ssl_request_log-20170528
-rw-r–r-- 1 root root 5299 Jun 3 20:34 ssl_error_log-20170604
-rw-r–r-- 1 root root 4730 Jun 3 20:34 ssl_request_log-20170604
-rw-r–r-- 1 root root 3674 Jun 3 20:34 ssl_access_log-20170604
-rw-r–r-- 1 root root 1861 Jun 5 20:50 ssl_error_log-20170612
-rw-r–r-- 1 root root 46563 Jun 5 20:50 ssl_access_log-20170612
-rw-r–r-- 1 root root 56402 Jun 5 20:50 ssl_request_log-20170612
-rw-r–r-- 1 root root 0 Jun 12 03:38 ssl_request_log
-rw-r–r-- 1 root root 0 Jun 12 03:38 ssl_error_log
-rw-r–r-- 1 root root 0 Jun 12 03:38 ssl_access_log

filippo_carletti · September 10, 2017, 10:19am

httpd listens on both port 80 and port 443, it’s impossible to have it working only on one port, unless you have heavily customized apache configration with custom templates.
The most common configuration error is to add a port forward for port 443 to a different system.

fuser -vn tcp 443

will tell if httpd is listening.
If not, you can try to restart it from the Services page.

fszontagh · September 10, 2017, 10:29am

I have no modified the templates, nor custom config.

This is the output of the command:

[root@xxxx ~]# fuser -vn tcp 80
                     USER        PID ACCESS COMMAND
80/tcp:              root       3122 F.... httpd
                     apache     5872 F.... httpd
                     apache     5876 F.... httpd
                     apache     5879 F.... httpd
                     apache     5882 F.... httpd
                     apache     5884 F.... httpd
[root@xxxx ~]# fuser -vn tcp 443
[root@xxxx ~]#

I have checked out the apache config before, i saw the virtualhosts with pirt 443, like this:

<VirtualHost *:443>
DocumentRoot "/var/lib/nethserver/vhost/XXXXX"
ServerName XXXXXX.YYYYYYY.TLD

<FilesMatch .php$>
  SetHandler "proxy:unix:/var/run/php-fpm/xxxxxx-php71.sock|fcgi://localhost/"
</FilesMatch>

This is same like the phpmyadmin or same webapps, except the virtual machine manager webui.

I have restarted the services, and the server more times after this.

fszontagh · September 10, 2017, 11:17am

Well, it’s interesting.

I have comapred out the config files with another instance of nethserver7, where the https is working propelly.
So, i found, in the server have a /etc/httpd/conf.d/ssl.conf file, what was missing in my server with the problemes. After copiing it to the server with the peoblem, it’s working properly.

The quiestion is, how can be removed from there?

I have just ran the signals more times:
signal-event nethserver-httpd-update
signal-event nethserver-httpd-save

And these two command, why not regenerated the missing ssl.conf file?

stephdl · September 10, 2017, 3:17pm

because it is not a template

[root@ns7dev9 ~]# rpm -qf /etc/httpd/conf.d/ssl.conf
mod_ssl-2.4.6-45.el7.centos.4.x86_64

fszontagh · September 12, 2017, 7:09am

Ah, good to know!

Thank You!