1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

Connection to a domain refused in https

Discussion in 'Plesk for Linux - 8.x and Older' started by astclub, Sep 2, 2005.

  1. astclub

    astclub Guest

    0
     
    I installed a new domain in Plesk (dedicated IP), and self-generated a certificate in Plesk too. Then I linked this certificate to the domain/IP.

    Trying to connect to https://domain.com or https://www.domain.com, I get a message from my browser: Conection was refused by the server.

    The domain is setup with SSL allowed, there is a index.html page in the httpsdocs folder, etc etc. All seems OK, but it doesn't work! (the http requests are ok).

    Any idea?

    Thanks!
     
  2. astclub

    astclub Guest

    0
     
    I just add that there is no firewall that can block requests, etc...
     
  3. astclub

    astclub Guest

    0
     
    Any idea, nobody? Hired a "specialized management service", they didn't find anything!
     
  4. jamesyeeoc

    jamesyeeoc Guest

    0
     
    1. What browser(s) have you tried? Try more than one, and clear the cache first.

    2. You say this is a new domain, have you verified that DNS has propagated. (dnsreport.com)

    3. Have you tried browsing to http://ipaddress (or https://ipaddress)?

    4. Have you checked the access_log or error_log of the domain (/home/httpd/vhosts/domain.tld/statistics/logs)

    5. Try increasing your MaxClients value in /etc/httpd/conf/httpd.conf (and restart apache service)

    That's all I can think of off the top of my head.
     
  5. astclub

    astclub Guest

    0
     
    Here is what I can see in the server log files (There is NOTHING in the vhost log files!), when trying https://www.mydomain

    (or with https://www.ip_of_domain, or without the www.)

    What is this ?!!

    error_log:

    [Sat Sep 03 14:48:53 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!!
    [Sat Sep 03 15:23:02 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!!
    [Sat Sep 03 15:24:05 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:24:40 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:25:56 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:26:16 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:27:38 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:30:55 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:31:01 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!
    [Sat Sep 03 15:31:42 2005] [error] [client _My_IP_Address_] Invalid method in request !g!!!

    and the access_log:

    _My_IP_Address_ - - [03/Sep/2005:14:48:53 -0400] "\x80g\x01\x03\x01" 501 217 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:23:02 -0400] "\x80g\x01\x03\x01" 501 217 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:24:05 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:24:40 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:25:56 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:26:16 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:27:38 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:30:55 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:31:01 -0400] "\x80g\x01\x03" 501 216 "-" "-"
    _My_IP_Address_ - - [03/Sep/2005:15:31:42 -0400] "\x80g\x01\x03\x01" 501 217 "-" "-"
     
  6. jamesyeeoc

    jamesyeeoc Guest

    0
     
    Other people have had this problem when there was:

    1. Something mis-configured in their httpd.conf or httpd.include files regarding the SSL port 443 configuration.

    2. SSL engine was not running

    3. Certificate or key mis-configured
     
  7. astclub

    astclub Guest

    0
     
    The fact is that

    - We deleted/re-installed the domain in Plesk, so it should have fixed any config file bug,

    - the SSL engine seems running as we can connect in https on 8443 (for Plesk)

    - the certificate: the error is the same when we assign the default Plesk cert to the IP address of the domain. And this cert is OK as it works well when connecting to Plesk!
     
  8. jamesyeeoc

    jamesyeeoc Guest

    0
     
     
  9. druedger

    druedger Guest

    0
     
    I'll start off by saying I know nothing about Plesk, but I did have a similar problem configuring tomcat. Since Plesk is using port 8443, I'm wondering if you don't have an issue I ran into trying to configure Apache with a tomcat connector. If Plesk is a derivative of jakarta and is designed to run JSP and java servlets, then this may apply to you. If not, maybe my problem will help someone else or at least prevent them from spinning too many cycles trying to resolve it.

    My issue happened when I configured Apache 2.0.55 with mod_ssl 0.9.7a and added a Tomcat connector using jk2_mod with jdk version 1.5.0_06 and tomcat version 5.5.16. This is running on RedHat 9.1.

    I was able to successfully access the Tomcat pages after both servers were installed, and I was also able to get content from the Apache server using the normal http channel. But whenever I used the following URL:

    https://localhost

    I got the error stating the connection was interrupted. I looked in the server logs and saw the following error:

    [Wed Mar 29 12:52:22 2006] [error] [client 127.0.0.1] Invalid method in request \x80g\x01\x03\x01

    After spending a day going over the tomcat config files and ensuring that mod_ssl was set up, I concluded that this was an issue with the tomcat connector. When I edited the httpd.conf to remove the jk2_mod module from loading so that the tomcat connector was inactive, the request to https://localhost worked fine. As soon as I add the connector back in, the problem occurs.

    Now here's where it gets strange. If I specify the IP address of the server directly instead of using localhost, it works! For some reason the request to localhost wants to hit the tomcat server even though I have not requested any content from it. I think this may be an issue with the tomcat connector for 5.5.16. The documentation clearly states that SSL is not required on the tomcat server if apache is serving the SSL requests, yet it appears that the request coming from the connector on port 8009 is being redirected to 8443. Since I did not have SSL support installed on the tomcat server, this would explain why the connection was interrupted.

    I tried for another half day trying to get the SSL connection on 8443 configured in the tomcat server, but I could never get it to listen on that port. I followed the docs to the letter, and still it wouldn't work. A call to nmap showed that 8080 and 8009 were active, but I never got 8443 to happen. I suspect if it was listening, then my problem would go away since the redirect would be active and would be able to service the secure request.

    I'm not sure if this helps, but it may give you some ideas about the handshake process to see if there is something in the Plesk configuration that needs to be updated. It definitely seems that a secure request is being initiated, but the listener is expecting normal HTTP.
     
Loading...