0

I'm having trouble reaching my site through https after executing the certbot script. That process finished without issues, the message was: 

Congratulations, you have succesfully enabled https://chiloexpress.ddns.net

However, when I test my configuration at SSLlabs, the error message says:

Assessment failed: Unable to connect to the server

When I try to access my site with normal http there is no problem, however with https there's connection timeout, according to https://check-your-website.server-daten.de/?q=chiloexpress.ddns.net.

My 000-default-le-ssl.conf file says:

  GNU nano 2.5.3                                                File: 000-default-le-ssl.conf                                                                                                      

<IfModule mod_ssl.c>
<VirtualHost *:443>

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName chiloexpress.ddns.net
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/chiloexpress.ddns.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/chiloexpress.ddns.net/privkey.pem
</VirtualHost>
</IfModule>

And my ports.conf says:

Listen 80
Listen 443
<IfModule mod_ssl.c>
        Listen 443
</IfModule>
<IfModule ssl_module>
        Listen 443
</IfModule>
<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

The result of netstat is like this:

netstat -tulpen | grep 443
tcp6       0      0 :::443                  :::*                    LISTEN      0          2577130     8017/apache2    
tcp6       0      0 :::443                  :::*                    LISTEN      0          2577126     8017/apache2    
tcp6       0      0 :::443                  :::*                    LISTEN      0          2575983     8017/apache2    
tcp6       0      0 :::443                  :::*                    LISTEN      0          2575979     8017/apache2    
tcp6       0      0 :::443                  :::*                    LISTEN      0          2575975     8017/apache2

What could be the problem? I've restarted the service and that doesn't change anything. Any help would be greatly appreciated

Carlos Riquelme
  • 1
  • 1
  • a timeout usually points toward a firewall problem. – Gerald Schneider Nov 28 '19 at 13:11
  • Sometimes a previous apache server process keeps hanging when restarting the service. Stop de service, killall apache2, start the service to be absolutely certain. – Gerrit Nov 28 '19 at 13:30
  • @GeraldSchneider I thought so too, yet the status of ufw says 443 is allowed: ~~~ sudo ufw status Status: active To Action From -- ------ ---- 443 ALLOW Anywhere 443 (v6) ALLOW Anywhere (v6) ~~~ – Carlos Riquelme Nov 28 '19 at 14:37
  • That's not the only place where a firewall can be. Check if your hoster has a firewall in front of your server. – Gerald Schneider Nov 28 '19 at 14:44
  • @GeraldSchneider You are correct, it was a firewall rule from the hosting provider. Thanks for your guidance ;) – Carlos Riquelme Nov 28 '19 at 15:16

0 Answers0