Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
The page you got your data from is describing the setup on a firewall device or gateway. This is why it has to allow 443 in both directions. On the server machine itself, you only need to open the port for input.
Code:
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
service iptables save
service iptables restart
I would suggest what is called a TCP Traceroute on port 443, this will tell you where the problem is occurring. Most hosting companies will not block 443 (since people use it quite a lot), but if you are hosting this at home, then your own router might be blocking this, another suggestion would be to start with the server itself and move further away. If the server is unable to trace itself on a "tcptraceroute -p 443 127.0.0.1" then you know the issue remains with the server. If you need to do it further away, cross compare it with a normal traceroute or a traceroute on port 80 should give you an indication of where the traffic is being blocked or rejected.
Last edited by r3sistance; 07-24-2010 at 07:43 PM.
Did you update your apache configuration itself with the details for the HTTPS site yet? and restart apache, warning this might cause some downtime as you maybe requested to supply a pass phrase.
Did you update your apache configuration itself with the details for the HTTPS site yet? and restart apache, warning this might cause some downtime as you maybe requested to supply a pass phrase.
Yes. Did that. My server key doesn't require a pass phrase...
The /var/logs/ssl_error_log reveals no error (since I fixed some cert issues)
The /var/logs/ssl_access_log has no entries at all.
Looking up I have noticed you have used iptables -A, I believe I know what has occurred, could you do an "iptables -nvL" and copy and paste the results here, because the results can get rather lengthy can you also place the results within code tags.
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
Won't be doing anything (it appears after the reject all rule) but I tend to get rid of unused rules just to keep things manageable. As far as I can see, the firewall is configured correctly. So it's either a service (apache) Issue, or it's being blocked by something else.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.