I have GoDaddy SSL certificate and it is properly installed on my domain and my domain is working perfectly fine with https but when I open
https://.com:6001/socket.io/socket.io.js
Then it is showing not secure.
Earlier I had lets encrypt ssl certificate so yesterday I removed that and installed Godaddy SSl certificate but now facing this problem.
In my chrome, it is showing this https://prnt.sc/lvjv9w
Any suggestions please what could be the fix?
using two ports for the same virtual host works alike this:
Listen 443
NameVirtualHost *:443
Listen 6001
NameVirtualHost *:6001
<VirtualHost *:443 *:6001>
...
</VirtualHost>
Related
I'm kind of a new Apache user (version 2.4). I'm having trouble configuring the whole thing. My server has an IP address- 192.168.2.10, for example my public IP is 123.123.123.123. In my hosting provider website I did set an A record pointing at 123.123.123.123. My Apache config looks like:
Listen 443
<VirtualHost _default_:433>
# General setup for the virtual host
DocumentRoot "${SRVROOT}/htdocs"
ServerName www.example.com:443
ServerAdmin my#mail.com
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
The problem is I receive ERR_CONNECTION_TIMED_OUT all the time. When I tried swaping www.example.com with local IP 192.168.2.5 it KIND OF worked (SSL certificate problems because they are connected to www.example.com, but I managed to see HTTP response. Where seems to be the problem?
EDIT:
I think the problem is I can't use port 443 because it's my routers default managment port. How should I configure it then? I have NAT rule on my router that does forward every :8456 request to 192.168.2.10:443.
I resolved the issue. It was "SSL 3.0" option turned off on my router.
I have limited experience setting up SSL certs, so far i've been able to get single SSL certs working on different servers, now I'm stuck trying to get a wildcard SSL cert setup alongside an existing organisational SSL for same domain, it keeps pointing at the organisational cert even though I specify the wildcard cert in the the virtual host.
I'll try explain the best I can using sample data:
organisational certificate site.example.com
wildcard certificate *.example.com
apache version 2.2.3
I will leave out the port 80 stuff as there is no issues there
Example configuration:
NameVirtualHost *:443
NameVirtualHost 192.0.2.201:443
NameVirtualHost 192.0.2.202:443
<VirtualHost 192.0.2.202:443>
ServerName site.example.com
DocumentRoot /var/www/html/site
SSLEngine On
SSLCertificateFile /locationof/organisational.crt
SSLCertificateChainFile /locationof/organisational.intermediate.pem
SSLCertificateKeyFile /locationof/organisational.key
</VirtualHost>
<VirtualHost 192.0.2.202:443>
ServerName mytestsite.example.com
DocumentRoot /var/www/html/mytestsite
SSLEngine On
SSLCertificateFile /locationof/wildcard.crt
SSLCertificateChainFile /locationof/wildcard.intermediate.pem
SSLCertificateKeyFile /locationof/wildcard.key
</VirtualHost>
There are no issues with either certificate.
When I restart Apache and go to https://mytestsite.example.com in Firefox it tells me 'Your connection is not sercure' when expanding the Advanced button I can see from the message 'The certificate is only valid for the following names: site.example.com, www.site.example.com' So I guess it's picking up the organisational virtual host each time and isn't getting to the wildcard virtual host, I've tried switching them about as I've read that Apache can be affected by the order of the virtual hosts but it made no difference to me.
I'm sure it's something simple I'm doing wrong but I've searched various sites and Google but just can't pinpoint the issue :(
EDIT - additional info from running httpd -S
192.0.2..201:443 is a NameVirtualHost
default server www.anothersite.net (/etc/httpd/conf/httpd.conf:aaaa)
port 443 namevhost www.anothersite.net (/etc/httpd/conf/httpd.conf:aaaa)
192.0.2.202:443 is a NameVirtualHost
default server site.example.com (/etc/httpd/conf/httpd.conf:xxxx)
port 443 namevhost site.example.com (/etc/httpd/conf/httpd.conf:xxxx)
port 443 namevhost mytestsite.example.com (/etc/httpd/conf/httpd.conf:yyyy)
wild alias *.*
*:443 is a NameVirtualHost
default server someoldsite.com (/etc/httpd/conf.d/ssl.conf:xx)
port 443 namevhost someoldsite.com (/etc/httpd/conf.d/ssl.conf:xx)
// there is no virtual host for this old site, it seems it is the name of the server inside /etc/hosts file
I checked the *:443 path in case there was a redirect or something like that but there is not. I've added in the additional NameVirtualHost settings to example configuration. From the info above I'm still not sure what's going wrong! The wildcard SSL certificate is set up on 2 other servers and works fine but it is the only SSL certificates on those servers as opposed to this server which has 2 others and 1 sharing the same domain
EDIT 2
there is a ssl.conf file being include with the following <VirtualHost _default_:443> but don't think that is causing any harm?
this server has been working fine using both certs on .201 and .202 and the wildcard cert works fine on two other servers, I just can't get the wildcard ssl cert to work along with the .202 organisational cert :(
I'm running an EC2 micro instance (Amazon Linux) and can't seem to get ssl (https) working.
The error I'm getting in Chrome is "ERR_CONNECTION_REFUSED" (no data sent).
I've enabled HTTPS inbound traffic for the security group in my AWS console.
I added this in the /etc/httpd/conf/httpd.conf file. (example.com is a placeholder for my website)
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://example.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
SSLEngine on
SSLCertificateFile /etc/ssl/example_com.crt
SSLCertificateKeyFile /etc/ssl/example_com.key
SSLCertificateChainFile /etc/ssl/example_com.ca-bundle
</VirtualHost>
and it didn't work.
So to test VirtualHost, I replaced it with the following:
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://google.com/
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
Redirect permanent / https://google.com/
</VirtualHost>
http://example.com redirected to google like expected, but https://example.com didn't.
Anyone know what's the problem?
Connection refused means your server's IP stack actively rejected the incoming connection on port 443 (https) because no service is listening on port 443.
We use less and less Apache these days in my operations, because of the maturity of some other alternatives, so I may be a little rusty here, but I'm reasonably sure that your server, in spite of being configured with a way to respond to requests on port 443... is not actually listening for connections on port 443.
You probably have a listen 80 somewhere in your apache config. This will need to be accompanied by listen 443 based on httpd.apache.org/docs/2.2/bind.html:
When Apache starts, it binds to some port and address on the local machine and waits for incoming requests. By default, it listens to all addresses on the machine. However, it may need to be told to listen on specific ports, or only on selected addresses, or a combination of both. This is often combined with the Virtual Host feature, which determines how Apache responds to different IP addresses, hostnames and ports.
In addition to configuring the security group to allow the traffic over port 443, you probably also need to open port 443 on the server itself.
iptables -I INPUT 1 -p tcp --dport 443 -j ACCEPT
If that fixes the issue, then to save the configuration so that it persists after a reboot:
/sbin/service iptables save
I'm trying to configure SSL on apache2 with geotrust SSL. I have the private key file, the certificate and the bundle sertificate.
This is the virtualhost config:
http://pastebin.com/38ygh8W1
The apache gives me error:
AH02235: Unable to configure server certificate for stapling
The https gives time out for the 443 port.
I read a lot of info for this topic but im not sure what to do anymore.
Any suggestions?
This seems to be bug that where the fix still hasn't made its way to the latest environments. I have the same problem. Here's my environment:
Server version: Apache/2.4.41
OS: Ubuntu 18.04
As a workaround, you can edit ports.conf so that the last listen directive is for a non-SSL port, i.e. Listen 80. Here's the whole file:
<IfModule ssl_module>
Listen 443 https
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Listen 80
And the problem is gone.
Hi ALL Apach2traid+ssl+cetificate:
I am trying to make a secure web page for payment
and this web page is for study purpose
so i thought that i may take a trial veriSign certificate
so after obtaining the certificate what should i do
and do it work if i am using my website only as localhost
finally i was told to mke a virtual server to make it run i tried the flowing
<VirtualHost localhost>
SSLCertificateFile C:\apache2triad\opssl\cert\my.cer
SSLCertificateKeyFile C:\apache2triad\opssl\cert\server.key
SSLCACertificateFile C:\apache2triad\opssl\cert\intermediate.crt
</VirtualHost>
this was in the httpd.conf
and after that the apache with ssl worker ok
but when i call a page with https
it didnt run
should i make some thing else rather than just put https
need some help and discussion please
thanks
https connects on a different port number, 443, normal http request come to port 80.
<virtualHost localhost:443>
and you'll also need to make sure apache is listening on port 443, elsewhere in your httpd.conf
listen 127.0.0.1:80
listen 127.0.0.1:443
bets of luck!
You missed (in the virtualhost):
SSLEngine on
As Fire Crow suggested, you'll also want to run it on 443. Whilst you could run HTTPS on port 80, it'd be a strange thing indeed.