"503 Service Unavailable"

"I'm trying to SSL "mattermost" but after doing "certbot --apache" I set up the config file but when I access https I get a "503 Service Unavailable".

My domain is:my_domain

I ran this command:

It produced this output:
"certbot --apache" ended successfully.
Then, the following settings were made.

  1. /opt/mattermost/config/config.json
"ServiceSettings": {
   "SiteURL": "https://my_domain/",
   "ListenAddress": ":443",
   "TLSCertFile": "/etc/letsencrypt/live/my_domain/fullchain.pem",
   "TLSKeyFile": "/etc/letsencrypt/live/my_domain/privkey.pem",
  1. /etc/httpd/conf/httpd-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
   DocumentRoot /var/www/html
   ServerName my_domain
   ProxyPreserveHost On
   RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
   RequestHeader set "X-Forwarded-SSL" expr=%{HTTPS}

   RewriteEngine On
   RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC]
   RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
   RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
   RewriteRule .* ws://{REQUEST_URI} [P,QSA,L]

   <Location />
      Require all granted
      ProxyPassReverseCookieDomain my_domain

   SSLCertificateFile /etc/letsencrypt/live/my_domain/fullchain.pem
   SSLCertificateKeyFile /etc/letsencrypt/live/my_domain/privkey.pem
   Include /etc/letsencrypt/options-ssl-apache.conf
  1. /etc/httpd/httpd.conf (The end result was the same whether this setup was done or not.)
<VirtualHost *:443>
    ServerName my_domain

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/my_domain/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/my_domain/privkey.pem

    ProxyPass / http://localhost:8065/
    ProxyPassReverse / http://localhost:8065/
    ProxyPreserveHost On
    RequestHeader set X-Forwarded-Proto "https" 
    RequestHeader set X-Forwarded-Port "443" 
  1. systemctl restart httpd

My web server is (include version):Apache/2.4.37

The operating system my web server runs on is (include version):Oracle Linux 8

My hosting provider, if applicable, is:Oracle Cloud

I can login to a root shell on my machine (yes or no, or I don't know):Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):2.6.0

Your Apache reverse proxy is trying to connect to localhost on port 8065 using HTTP, but your Mattermost configuration specifies to listen on port 443 with HTTPS. Which is in conflict with Apache which also tries to listen on port 443.

You should configure Mattermost to listen on port 8065 with just HTTP instead of HTTPS.

Also, I'm not sure why you have a duplicate HTTPS VirtualHost in httpd-le-ssl.confas well as httpd.conf? Duplicate virtualhosts are a recipe for trouble. It also seems these duplicates are not exactly the same, as the reverse proxy directives are slightly different and the two configurations have different additional reverse proxy directives missing in the other.


I will try to fix it and give it a try.
Will let you know the result.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.