Ookla Https only does not work on ports 8080 and 5060

I have installed an Ookla server which is litening on ports 8080 and 5060 via http. But when I call these ports by https I get an “self signed cert” error, and it seems that the browser try to read another cert on the server. I have to add that the https is working without problem.
https://speedtest.andels.net - works without problem
https://speedtest.andels.net:5060 - fails
https://speedtest.andels.net:8080 - fails

My domain is: speedtest.andels.net

I ran this command: certbot --apache

It produced this output: new cert was created then httpd and ooklaserver.sh restarted

My web server is (include version): Apache/2.4.29 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu server 18

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.39.0

Hi @comfon

looks like you have found a solution.

Two hours earlier, there were checks of your domain and port 8080 - https://check-your-website.server-daten.de/?q=speedtest.andels.net - there was a self signed certificate with version 1 and serial number 01, Firefox had a curious error.

Now checked with my browser, port 8080 has a working certificate, rerun the test - now it’s ok.

PS: Port 8080 is checked, so you don’t need add the explicit port 8080.

And Ookla supports two protocols on one port, so port 8080 works with http and https:

So you don’t need two different ports (may be Ookla want’s that).

Yes thanks, I found a solution after reading one of your topics here.
I do not know yet how to make port 8080 to use only https. I tried to redirect the http in the apache conf:
“Redirect permanent / https://speedtest.andels.net/” and everything looks fine but ookla test cannot find: http://speedtest.andels.net/crossdomain.xml as it changes to https://speedtest.andels.netcrossdomain.xml (the / is removed).

Your redirect rule is wrong.

Check the output of your main domain (without the port specified - https://check-your-website.server-daten.de/?q=speedtest.andels.net ):

Domainname Http-Status redirect Sec. G
http://speedtest.andels.net/ 301 https://speedtest.andels.net Html is minified: 100,00 % 0.064 A
https://speedtest.andels.net/ GZip used - 131 / 160 - 18,13 % Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 200 Html is minified: 100,00 % 3.203 B
https://speedtest.andels.net GZip used - 131 / 160 - 18,13 % Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 200 Html is minified: 100,00 % 3.187 B
http://speedtest.andels.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0 301 https://speedtest.andels.net.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Html is minified: 100,00 % 0.063 A
Visible Content: Moved Permanently The document has moved here . Apache/2.4.29 (Ubuntu) Server at speedtest.andels.net Port 80
https://speedtest.andels.net.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de -1 0.094 R
NameResolutionFailure - The remote name could not be resolved: ‘speedtest.andels.net.well-known’

Your first redirect - there is no / at the end.

So if a file or subdirectory is redirected, a new domain name is checked -> that domain doesn’t exist.

Check some Grade E - and other Grade C - results, there are redirect rules.

Thank you very much Juergen,
I added an / at the ende of the DocumentRoot path and I think it is working now.

1 Like