Ubuntu – Apache server port 443 connection refused


I recently configured SSL on Apache 2.4/Ubuntu 20.04 hosted on Oracle Cloud and have been getting connection refused for https/port 443.

External device:

$ curl simpliassure.com:443
curl: (7) Failed to connect to simpliassure.com port 443: Connection refused

$ curl simpliassure.com
(normal html content loads)

$ nmap -p 443 132.145.100.143
Host is up (0.024s latency).
PORT    STATE  SERVICE
443/tcp closed https

ssh'd into server:

$ curl localhost
(normal html content loads)

$ curl localhost:443
(normal html content loads)

$ curl https://localhost
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

$ apachectl configtest
Syntax OK

$ sudo apache2ctl -S
VirtualHost configuration:
132.145.100.143:80     simpliassure.com (/etc/apache2/sites-enabled/default-ssl.conf:3)
132.145.100.143:443    simpliassure.com (/etc/apache2/sites-enabled/default-ssl.conf:14)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default 
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex ssl-stapling-refresh: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33

$ ss -tupln
Netid  State   Recv-Q  Send-Q    Local Address:Port   Peer Address:Port Process 
udp    UNCONN  0       0               0.0.0.0:111         0.0.0.0:*            
udp    UNCONN  0       0         127.0.0.53%lo:53          0.0.0.0:*            
udp    UNCONN  0       0        10.0.0.29%ens3:68          0.0.0.0:*            
udp    UNCONN  0       0                  [::]:111            [::]:*            
tcp    LISTEN  0       4096            0.0.0.0:111         0.0.0.0:*            
tcp    LISTEN  0       4096      127.0.0.53%lo:53          0.0.0.0:*            
tcp    LISTEN  0       128             0.0.0.0:22          0.0.0.0:*            
tcp    LISTEN  0       4096               [::]:111            [::]:*            
tcp    LISTEN  0       511                   *:80                *:*            
tcp    LISTEN  0       128                [::]:22             [::]:*            
tcp    LISTEN  0       511                   *:443               *:* 

/etc/sites-available/default-ssl.conf is the only symlink under /etc/sites-enabled/default-ssl.conf

/etc/sites-available/default-ssl.conf:

<IfModule mod_ssl.c>
    <VirtualHost 132.145.100.143:80>
        ServerAdmin webmaster@localhost
        ServerName simpliassure.com

        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

    </VirtualHost>

    <VirtualHost 132.145.100.143:443>
        ServerAdmin webmaster@localhost
        ServerName simpliassure.com

        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine on

        SSLCertificateFile /home/ubuntu/certificate_bundle/www.simpliassure.com.crt
        SSLCertificateKeyFile /home/ubuntu/certificate_bundle/www.simpliassure.com.key
        SSLCertificateChainFile /home/ubuntu/certificate_bundle/www.simpliassure.com_intermediate.crt

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                SSLOptions +StdEnvVars
        </FilesMatch>
        <Directory /usr/lib/cgi-bin>
                SSLOptions +StdEnvVars
        </Directory>
    </VirtualHost>
</IfModule>

/etc/apache2/ports.conf:

Listen 80
Listen 443

Ubuntu's ufw is inactive.
Ran…

$ sudo ufw allow https
$ sudo a2enmod ssl
$ sudo a2enmod headers
$ sudo a2ensite default-ssl
$ sudo systemctl restart apache2

… with no luck.

Oracle Virtual Cloud Network Ingress Rules:

(screenshot of the ingress rules; image not preserved)

Any ideas?

Best Answer

  1. Check your Oracle firewall; if port 443 was not opened, then open it.

  2. Check your ufw firewall; run as root: ufw allow https
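
Why both checks in the answer concern firewalls, shown as an added example that is not part of the original question or answer: the question's ss output has Apache listening on *:443, so a port that looks closed from outside is being rejected somewhere in front of the socket. The helper names (sample_ss, listen_scope, triage) and the result labels are hypothetical, chosen for this illustration.

```shell
#!/bin/sh
# Added example, not from the original post.

# TCP rows copied from the question's `ss -tupln` output.
sample_ss() {
cat <<'EOF'
tcp    LISTEN  0       4096            0.0.0.0:111         0.0.0.0:*
tcp    LISTEN  0       4096      127.0.0.53%lo:53          0.0.0.0:*
tcp    LISTEN  0       128             0.0.0.0:22          0.0.0.0:*
tcp    LISTEN  0       511                   *:80                *:*
tcp    LISTEN  0       511                   *:443               *:*
EOF
}

# listen_scope PORT < ss-output
# Prints wildcard, loopback-only, specific:<addr> or none.
listen_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" || $2 == "LISTEN" {
            # Local Address:Port follows Send-Q; ss -tln omits the Netid column.
            field = ($1 == "LISTEN") ? $4 : $5
            n = split(field, parts, ":")
            if (parts[n] != port) next
            addr = substr(field, 1, length(field) - length(parts[n]) - 1)
            sub(/%.*/, "", addr)            # drop interface suffix such as %lo
            if (addr == "*" || addr == "0.0.0.0" || addr == "[::]") wild = 1
            else if (addr ~ /^127\./ || addr == "[::1]") loop = 1
            else specific = addr
        }
        END {
            if (wild) print "wildcard"
            else if (specific != "") print "specific:" specific
            else if (loop) print "loopback-only"
            else print "none"
        }'
}

# triage SCOPE NMAP_STATE  (NMAP_STATE: open, closed or filtered, as seen from outside)
triage() {
    case "$1/$2" in
        none/*|loopback-only/*) echo "server-config" ;;  # nothing reachable is bound
        */open)                 echo "ok" ;;
        */closed|*/filtered)    echo "firewall-path" ;;  # host firewall or cloud ingress rules
        *)                      echo "unknown" ;;
    esac
}

# The question's case: Apache on *:443, nmap reports 443/tcp closed.
triage "$(sample_ss | listen_scope 443)" closed
```

On a live host, pipe `ss -tln` into listen_scope instead of the embedded sample.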