The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

https not running new install

Discussion in 'General Discussion' started by wadearnold, Mar 11, 2005.

  1. wadearnold

    wadearnold Well-Known Member

    Joined:
    Jan 13, 2002
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    I just got done with adding cpanel to a server. Rebuilt apache with selection three and everything is running smooth. I added a ssl cert to an account and that worked smooth now trying to connect to https and i get denied. Initially below is what in my opinion would be everything that you would need to see in order to understand why this is not listening.
    Code:
    iptables -L 
    
    root@webserver [/etc/httpd/conf]# iptables -L 
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination     
    
    root@webserver [/etc/httpd/conf]# /etc/init.d/httpd startssl
    [Fri Mar 11 15:07:13 2005] [warn] module mod_php4.c is already added, skipping
    [Fri Mar 11 15:07:13 2005] [warn] module mod_bwlimited.c is already added, skipping
    [Fri Mar 11 15:07:13 2005] [warn] module mod_log_bytes.c is already added, skipping
    [Fri Mar 11 15:07:13 2005] [warn] module mod_auth_passthrough.c is already added, skipping
    /etc/init.d/httpd startssl: httpd started
    root@webserver [/etc/httpd/conf]# tcpdump port 443 
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
    
    
    15:08:06.443498 IP team-cf-teamintfwa.teamnet.net.49574 > 147.202.2.51.https: S 2589706989:2589706989(0) win 65535 <mss 1380,nop,wscale 0,nop,nop,timestamp 120190516 0>
    15:08:06.443510 IP 147.202.2.51.https > team-cf-teamintfwa.teamnet.net.49574: R 0:0(0) ack 2589706990 win 0
    
    HTTPD.CONF
    
    NameVirtualHost 147.202.2.51:80
    
    <VirtualHost 147.202.2.51>
    ServerAlias www.teambilling.teamnet.net teambilling.teamnet.net
    ServerAdmin webmaster@teambilling.teamnet.net
    DocumentRoot /home/teambill/public_html
    BytesLog domlogs/teambilling.teamnet.net-bytes_log
    User teambill
    Group teambill
    <IfModule mod_php4.c>
    php_admin_value open_basedir "/home/teambill/:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>
    <IfModule mod_userdir.c>
    UserDir disabled
    UserDir enabled teambill
    </IfModule>
    ServerName www.teambilling.teamnet.net
    User teambill
    Group teambill
    CustomLog domlogs/teambilling.teamnet.net combined
    ScriptAlias /cgi-bin/ /home/teambill/public_html/cgi-bin/
    </VirtualHost>
    
    NameVirtualHost 147.202.2.51:443
    <IfDefine SSL>
    <VirtualHost 147.202.2.51:443>
    ServerAdmin webmaster@teambilling.teamnet.net
    DocumentRoot /home/teambill/public_html
    User teambill
    Group teambill
    <IfModule mod_php4.c>
    php_admin_value open_basedir "/home/teambill/:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>
    <IfModule mod_userdir.c>
    UserDir disabled
    UserDir enabled teambill
    </IfModule>
    ServerName teambilling.teamnet.net
    #CustomLog /usr/local/apache/domlogs/teambilling.teamnet.net-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    CustomLog domlogs/teambilling.teamnet.net combined
    User teambill
    Group teambill
    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/teambilling.teamnet.net.crt
    SSLCertificateKeyFile /usr/share/ssl/private/teambilling.teamnet.net.key
    SSLCACertificateFile /usr/share/ssl/certs/teambilling.teamnet.net.cabundle
    SSLLogFile /var/log/teambilling.teamnet.net
    UserDir public_html
    ScriptAlias /cgi-bin/ /home/teambill/public_html/cgi-bin/
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    </IfDefine>
     
  2. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    18
    What do the error logs say?

    Is https running ?

    /etc/init.d/httpd startssl

    Check your logs to see the reason for the error in the first instance.

    Is the site using a dedicated IP address?
     
    #2 DigitalN, Mar 11, 2005
    Last edited: Mar 11, 2005
  3. wadearnold

    wadearnold Well-Known Member

    Joined:
    Jan 13, 2002
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    /etc/init.d/httpd startssl


    This is what the logs say

    [Fri Mar 11 15:44:32 2005] [warn] module mod_php4.c is already added, skipping
    [Fri Mar 11 15:44:32 2005] [warn] module mod_bwlimited.c is already added, skipping
    [Fri Mar 11 15:44:32 2005] [warn] module mod_log_bytes.c is already added, skipping
    [Fri Mar 11 15:44:32 2005] [warn] module mod_auth_passthrough.c is already added, skipping
    [Fri Mar 11 15:44:32 2005] [notice] Apache/1.3.33 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.9 FrontPage/5.0.2.2635 mod_ssl/2.8.22 OpenSSL/0.9.7a configured -- resuming normal operations
    [Fri Mar 11 15:44:32 2005] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec)
    [Fri Mar 11 15:44:32 2005] [notice] Accept mutex: sysvsem (Default: sysvsem)
     
  4. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    18
    Is the IP correct within your post for the site?

    https://147.202.2.51/

    What error do you get in the logs for accesses to that URL?


    Heres what you have running.


    Port State Service
    21/tcp open ftp
    22/tcp open ssh
    53/tcp open domain
    80/tcp open http
    443/tcp closed https
    3306/tcp open mysql
    5432/tcp closed postgres

    So it seems you have an issue with port 443 being blocked. Check for the reason that port 443 is closed off.

    netstat -a | grep LISTEN

    Also your php should really be upgraded - maybe rebuild your apache/php and select php 4.3.10 and see if that fixes anything with the ssl too.
     
  5. wadearnold

    wadearnold Well-Known Member

    Joined:
    Jan 13, 2002
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Attached is the netstat and I rebuilt apache with all the latest and greatest.
    Code:
    root@webserver [/etc/sysconfig]# netstat -a | grep LISTEN
    tcp        0      0 *:32768                 *:*                     LISTEN      
    tcp        0      0 *:imaps                 *:*                     LISTEN      
    tcp        0      0 *:2082                  *:*                     LISTEN      
    tcp        0      0 *:2083                  *:*                     LISTEN      
    tcp        0      0 *:pop3s                 *:*                     LISTEN      
    tcp        0      0 *:2084                  *:*                     LISTEN      
    tcp        0      0 *:2086                  *:*                     LISTEN      
    tcp        0      0 *:2087                  *:*                     LISTEN      
    tcp        0      0 *:mysql                 *:*                     LISTEN      
    tcp        0      0 *:6666                  *:*                     LISTEN      
    tcp        0      0 *:pop3                  *:*                     LISTEN      
    tcp        0      0 *:2095                  *:*                     LISTEN      
    tcp        0      0 localhost:783           *:*                     LISTEN      
    tcp        0      0 *:imap                  *:*                     LISTEN      
    tcp        0      0 *:2096                  *:*                     LISTEN      
    tcp        0      0 *:http                  *:*                     LISTEN      
    tcp        0      0 *:smtps                 *:*                     LISTEN      
    tcp        0      0 147.202.2.51:domain     *:*                     LISTEN      
    tcp        0      0 webserver.teamne:domain *:*                     LISTEN      
    tcp        0      0 localhost:domain        *:*                     LISTEN      
    tcp        0      0 *:ftp                   *:*                     LISTEN      
    tcp        0      0 *:smtp                  *:*                     LISTEN      
    tcp        0      0 *:ssh                   *:*                     LISTEN      
    unix  2      [ ACC ]     STREAM     LISTENING     1480487 /tmp/.s.PGSQL.5432
    unix  2      [ ACC ]     STREAM     LISTENING     1572495 /var/lib/mysql/mysql.sock
    unix  2      [ ACC ]     STREAM     LISTENING     2733   /var/run/acpid.socket
    
     
  6. wadearnold

    wadearnold Well-Known Member

    Joined:
    Jan 13, 2002
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
  7. DigitalN

    DigitalN Well-Known Member

    Joined:
    Sep 23, 2004
    Messages:
    420
    Likes Received:
    1
    Trophy Points:
    18
    Port 443 isn't listening - It's still closed. You need to rectify that, before ssl will work with apache.
     
Loading...

Share This Page