• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

accessing domain via https:// completely fails

D

DarkHorizons

Guest
Hello,

I have a site on my server that has SSL enabled and the cert appears to be installed and set up ok.

The user has files in the /httpsdocs folder.

The server is listening on port 443

The httpd.include and conf files have the 443 entries for the IP address for this site. It is not a shared IP.

When accessing the site via http:// (no ssl) it comes up fine.

When accessing the site via https:// the browser will not bring up the site. It gives the 'cannot find server' error, like the entire site does not exist.

I can't see anything out of the ordinary in the httpd log files or the log files for the site.

Does anyone have any idea what the problem could be? I am completely out of ideas.

Thanks in advance.
 
I thought that could be the problem as I didn't see 'https' in the INPUT list of iptables. So I added it in there and now I see:

ACCEPT tcp -- anywhere anywhere tcp dpt:https

Even after that, I still have the same problem.
 
Strange Issue.

If you have SSL Support enabled for the domain and it doesn't work, thats odd. Did you try using the "Default Certificate" instead of your own just to test?
 
I had originally been using the default certificate with the same problems. It would be nice if the server generated an error somewhere but it is acting like it is completely ignoring the request.
 
got it working.

Strange though. The PLESK firewall settings didn't have a rule to open port 443.

Even though I manually opened port 443 in iptables, it wouldn't work until I set it in the PLESK firewall and then activated that firewall, which of course then hosed all my other iptables rules that I had set up. nice... :(

oh well.. this part is working and I have mod_security running to smash the script monkeys that normally exploit cgi and php holes.

Whats the deal with this PLESK firewall? is it just ****?
 
It's not so bad once you set it up, but it comes pretty open by default. Check out www.eth0.us for some good tips on server security. They recommend APF firewall. I use it on Ensim servers.
 
Can APF be simply installed and run on top of already running firewall stuff? (like the plesk default settings)
 
If you disable the Plesk firewall from inside the Panel, it is perfectly safe to install APF on your server. It is a pretty darn good firewall.

Has a nice and easy install script too.

If you follow the tutorial on the eth0.us website, it tells you what ports to open up (basically the same ones that the plesk firewall has open).
 
I don't see an option to turn it off in the control panel.
 
i do like the apf stuff though. looks very nice and super easy to install and configure.
 
Back
Top