Hi,
I am trying to configure SSL for my site. I have installed everything that mentioned in doc. But the site is not working.
https://www.mycampusws.com
Can you please help?
regards,
hafiz
Hi @hafiz
please answer the following questions. We need informations about your environment, your client and your command you have used.
--
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Checking your domain there are already certificates - https://check-your-website.server-daten.de/?q=mycampusws.com#ct-logs
| Issuer | not before | not after | Domain names | LE-Duplicate | next LE |
|---|---|---|---|---|---|
| Let's Encrypt Authority X3 | 2019-07-28 | 2019-10-26 | www.mycampusws.com - 1 entries | duplicate nr. 1 | |
| Let's Encrypt Authority X3 | 2019-07-16 | 2019-10-14 | www.mycampusws.com - 1 entries | ||
| cPanel, Inc. Certification Authority | 2019-07-16 | 2019-10-14 | cpanel.mycampusws.com, mail.mycampusws.com, mycampusws.com, webdisk.mycampusws.com, webmail.mycampusws.com, www.mycampusws.com - 6 entries | ||
| Amazon | 2019-07-14 | 2020-08-14 | www.mycampusws.com - 1 entries | ||
| cPanel, Inc. Certification Authority | 2019-07-13 | 2019-10-11 | cpanel.mycampusws.com, mail.mycampusws.com, mycampusws.com, webdisk.mycampusws.com, webmail.mycampusws.com, www.mycampusws.com - 6 entries |
If you use cPanel, you shouldn't use another client.
But you don't use that certificate.
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://mycampusws.com/ | ||||
| 174.138.25.21 | 200 | 0.583 | H | |
| • http://www.mycampusws.com/ | ||||
| 174.138.25.21 | 200 | 0.546 | H | |
| • https://mycampusws.com/ | ||||
| 174.138.25.21 | -14 | 10.027 | T | |
| Timeout - The operation has timed out | ||||
| • https://www.mycampusws.com/ | ||||
| 174.138.25.21 | -14 | 10.027 | T | |
| Timeout - The operation has timed out | ||||
| • http://mycampusws.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | ||||
| 174.138.25.21 | 404 | 0.527 | A | |
| Not Found | ||||
| Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.2.15 (CentOS) Server at mycampusws.com Port 80 | ||||
| • http://www.mycampusws.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | ||||
| 174.138.25.21 | 404 | 0.566 | A | |
| Not Found | ||||
| Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.2.15 (CentOS) Server at www.mycampusws.com Port 80 | ||||
Only timeouts.
Hi JuergenAuer,
Thanks for your reply. Here is the feedback of your mail.
My domain is:
I ran this command: https://www.mycampusws.com/index.html
but it works
http://www.mycampusws.com/index.html
It produced this output: TIMEDOUT
My web server is (include version): Server version: Apache/2.2.15 (Unix)
The operating system my web server runs on is (include version): CentOS release 6.9 (Final)
My hosting provider, if applicable, is: DigitalOcean
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No control Panel, manage DNS, Cname records from DigitalOcean
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot-auto --version
certbot 0.36.0
I have run the below command and configuration to install LET’S ENCRYPTE
sudo yum install mod_ssl
-
sudo yum install epel-release
sudo yum -y install yum-utils
- INSTALLING CERTBOT
wget https://dl.eff.org/certbot-auto
sudo mv certbot-auto /usr/local/bin/certbot-auto
sudo chown root /usr/local/bin/certbot-auto
sudo chmod 0755 /usr/local/bin/certbot-auto
- Add below line in apache
ServerName www.mycampusws.com
/etc/httpd/conf
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName www.mycampusws.com
ServerAdmin info@techants.com
<VirtualHost *:80>
DocumentRoot /var/www/html
ServerName *.mycampusws.com
ServerAdmin info@techants.com
sudo service httpd restart
Cd /usr/local/bin
sudo /usr/local/bin/certbot-auto --apache
What says
apachectl -S
Looks like your vHost configuration is buggy.
PS: Does your port 443 work internal? Something like
curl https://www.mycampusws.com/
from your console.
Is there a blocking firewall or a wrong configured router?
1 Like
Hi JuergenAuer,
Thanks for your reply. I have updated vhost as per your feedback. I have run 2 command that you suggested and here is the screenshot attached.
Whenever I run the site in browser it shows timeout error.
Your feedback is highly appreciated.
regards,
hafiz
Hi @hafiz,
You have a firewall somewhere that is intentionally blocking inbound connections from the rest of the Internet to this server. I can see the same ICMP message from the firewall that I saw with this other user
You'll need to find the firewall and change the firewall policy. It could be a firewall on your server itself, like ufw, or in your hosting environment, like a policy group.
Hi Schoen,
Thanks for your prompt reply. I have run iptables command and found as screenshot.
Can you please suggest me further step.
regards
hafiz
If apachectl -S doesn't work, use
httpd -S
CentOS - specific 
Hi JuergenAuer,
apachectl and httpd both working fine. But I found that site is showing timeout error.
Based on Mr. schoen feedback he suspect it is occurring due to FIREWAL. Then I checked with iptables command found attached.
please suggest further instructions.
REGARDS,
hafiz
I know. Change your firewall. Simple: Stop it.
The idea of the test was: Checking, if it works internal. Now we know it works internal.
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.