[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [users@httpd] Problem setting up ssl

>OTOH, seems to be some 
>special setup, defaulting to an address from the loopback network 

I also noted that, but don't know what to do.

>As you seem to receive some resources via HTTP, the request should get 
>logged somewhere.

I use "tail -f /var/log/apache2/access.log" and error.log on the console and then enter IP address in the browser.
When I enter http://w.x.y.z the page is shown and access.log shows some messages.I also see some debug messages in error.log

IMO, the messages aren't important! since I see the page in the browser.
However, when I enter https://w.x.y.z nothing is shown in the console.

>You always tell you're accessing "w.x.y.z" and 
>said "the server's page is reachble by an IP address", so I understand 
>you're not using a host name, but IP address to connect. w.x.y.z reads 
>like an IPv4 address, while your earlier report of open ports just 
>gave an IPv6 port open for listening:
>root@webshub:~# netstat -tulpn | grep 443
>tcp6      0      0 :::443                  :::*                   
>LISTEN      14709/apache2
>So there might be a chance your browser's requests doesn't even end up 
>in *your* server.

I also think such thing is the root of the issue. Things are

1) Yes, I don't have hostname. So, I have to enter ip address.

2) The SSL certificates are created for our university where they have host name.

3) I don't know if the certificates are only usable with subdomains only. Any thought?

4) The netstat command shows the IPv6. Is that a firewall issue? iptables? ufw? Here is the output of ufw

root@webshub:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere
OpenSSH                    ALLOW       Anywhere
20/tcp                     ALLOW       Anywhere
21/tcp                     ALLOW       Anywhere
990/tcp                    ALLOW       Anywhere
40000:50000/tcp            ALLOW       Anywhere
Apache Full (v6)           ALLOW       Anywhere (v6)
OpenSSH (v6)               ALLOW       Anywhere (v6)
20/tcp (v6)                ALLOW       Anywhere (v6)
21/tcp (v6)                ALLOW       Anywhere (v6)
990/tcp (v6)               ALLOW       Anywhere (v6)
40000:50000/tcp (v6)       ALLOW       Anywhere (v6)

root@webshub:~# netstat -tulpn | grep 443
tcp6       0      0 :::443                  :::*                    LISTEN      1114/apache2