Https no accessible


(Szontágh Ferenc) #1

NethServer Version: NethServer release 7.3.1611 (Final)
Module: web apps and all https

Hi All!

I have noticed some wweks ago, i can’t access to the https services.

All apps which listen to pot 443 is unaccessible.

The httpd server is not listening on the port 443


(Stéphane de Labrusse) #2

something interesting in logs ?

(Szontágh Ferenc) #3

Nothing, everything is like normal behaviour.

Last https logs file is:

-rw-r–r-- 1 root root 7275 May 21 09:53 ssl_error_log-20170522
-rw-r–r-- 1 root root 147291 May 21 18:32 ssl_access_log-20170522
-rw-r–r-- 1 root root 170586 May 21 18:32 ssl_request_log-20170522
-rw-r–r-- 1 root root 5673 May 27 15:01 ssl_error_log-20170528
-rw-r–r-- 1 root root 586369 May 28 02:11 ssl_access_log-20170528
-rw-r–r-- 1 root root 711665 May 28 02:11 ssl_request_log-20170528
-rw-r–r-- 1 root root 5299 Jun 3 20:34 ssl_error_log-20170604
-rw-r–r-- 1 root root 4730 Jun 3 20:34 ssl_request_log-20170604
-rw-r–r-- 1 root root 3674 Jun 3 20:34 ssl_access_log-20170604
-rw-r–r-- 1 root root 1861 Jun 5 20:50 ssl_error_log-20170612
-rw-r–r-- 1 root root 46563 Jun 5 20:50 ssl_access_log-20170612
-rw-r–r-- 1 root root 56402 Jun 5 20:50 ssl_request_log-20170612
-rw-r–r-- 1 root root 0 Jun 12 03:38 ssl_request_log
-rw-r–r-- 1 root root 0 Jun 12 03:38 ssl_error_log
-rw-r–r-- 1 root root 0 Jun 12 03:38 ssl_access_log

(Filippo Carletti) #4

httpd listens on both port 80 and port 443, it’s impossible to have it working only on one port, unless you have heavily customized apache configration with custom templates.
The most common configuration error is to add a port forward for port 443 to a different system.

fuser -vn tcp 443

will tell if httpd is listening.
If not, you can try to restart it from the Services page.

(Szontágh Ferenc) #5

I have no modified the templates, nor custom config.

This is the output of the command:

[root@xxxx ~]# fuser -vn tcp 80
                     USER        PID ACCESS COMMAND
80/tcp:              root       3122 F.... httpd
                     apache     5872 F.... httpd
                     apache     5876 F.... httpd
                     apache     5879 F.... httpd
                     apache     5882 F.... httpd
                     apache     5884 F.... httpd
[root@xxxx ~]# fuser -vn tcp 443
[root@xxxx ~]#

I have checked out the apache config before, i saw the virtualhosts with pirt 443, like this:

<VirtualHost *:443>
DocumentRoot "/var/lib/nethserver/vhost/XXXXX"

<FilesMatch .php$>
  SetHandler "proxy:unix:/var/run/php-fpm/xxxxxx-php71.sock|fcgi://localhost/"

This is same like the phpmyadmin or same webapps, except the virtual machine manager webui.

I have restarted the services, and the server more times after this.

(Szontágh Ferenc) #6

Well, it’s interesting.

I have comapred out the config files with another instance of nethserver7, where the https is working propelly.
So, i found, in the server have a /etc/httpd/conf.d/ssl.conf file, what was missing in my server with the problemes. After copiing it to the server with the peoblem, it’s working properly.

The quiestion is, how can be removed from there?

I have just ran the signals more times:
signal-event nethserver-httpd-update
signal-event nethserver-httpd-save

And these two command, why not regenerated the missing ssl.conf file?

(Stéphane de Labrusse) #7

because it is not a template

[root@ns7dev9 ~]# rpm -qf /etc/httpd/conf.d/ssl.conf

(Szontágh Ferenc) #8

Ah, good to know!

Thank You!