SSL Tomcat https error

gabber3000 · July 21, 2018, 1:41pm

Hello to all
I read this guide to configure the SSL certificate on TOMCAT “Configuring Let’s Encrypt with Tomcat 6.x and 7.x” I have done all the steps point by point. Now calling my site https://miosito.cloud:8443 or https://miosito.cloud:443 or https://miosito.cloud I generate the following error: “UNABLE TO REACH THE SITE”. for what reason?
my site is visible only by putting the “http” protocol.
My cloud is in a CENTOS operating system with TOMCAT 8 application server
thanks for your help

Osiris · July 21, 2018, 1:53pm

I'm getting an ERR_CONNECTION_REFUSED error. I guess nothing is listening on port 443. Or 8443.

Is Tomcat listening on port 8443? Is your firewall and/or portmaps set up correctly?

JuergenAuer · July 21, 2018, 1:58pm

Hi @gabber3000

I can’t find a certificate:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:miosito.cloud&lu=cert_search

So your certbot - command didn’t work.

If you test something like

certbot certificates

a certificate should be shown.

gabber3000 · July 21, 2018, 3:21pm

I entered the URL of my site receiving three certificates issued by “Let’s Encrypt Authority X3 valid from 20/07/218 until 18/10/218” this means that certbot worked is correct? at this point the problem may be that my iptables is blocking some port?

gabber3000 · July 21, 2018, 3:56pm

this is the result of my ports via iptables -L command
target prot opt source destination
ACCEPT all – anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp – anywhere anywhere
ACCEPT all – anywhere anywhere
ACCEPT tcp – anywhere anywhere state NEW tcp dpt:webcache
ACCEPT tcp – anywhere anywhere tcp dpt:http state NEW,ESTABLISHED
ACCEPT tcp – anywhere anywhere state NEW tcp dpt:ssh
REJECT all – anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp – anywhere anywhere tcp dpt:pcsync-https
ACCEPT tcp – anywhere anywhere tcp dpt:https
ACCEPT tcp – anywhere anywhere tcp dpt:pcsync-https

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

gabber3000 · July 21, 2018, 5:38pm

Thanks for helping all of you. I solved my problem by moving the record from iptables
REJECT all - anywhere anywhere reject - with icmp - host - prohibited
at the last position like this:
ACCEPT tcp - anywhere anywhere tcp dpt: https state NEW, ESTABLISHED
ACCEPT tcp - anywhere anywhere tcp dpt: pcsync-https state NEW, ESTABLISHED
REJECT all - anywhere anywhere reject - with icmp - host - prohibited

RavijitChavda · August 17, 2018, 4:36pm

I also read the guide to configure the SSL certificate on TOMCAT Configuring Let’s Encrypt with Tomcat I also got an error with my blog bloggingbook after completing the process.

system · September 16, 2018, 4:36pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSL certificate in Ubuntu 20 Tomcat 9 does not work Help	5	2398	June 5, 2021
Letsencrypt certificate with Tomcat and Certbot connection refused Help	28	14534	January 18, 2018
Configuring Let's Encrypt for Tomcat 8.x on Ubuntu 16.10 Help	14	7806	June 8, 2017
SSL installed but ERR_CONNECTION_CLOSED? Help	11	4274	July 22, 2019
I already installed lets encrypt on ubuntu server for my website using apache2 and I try to used the certificate for my tomcat server but nothing happen, the site can't be reached Help	6	466	October 6, 2021

SSL Tomcat https error

Related topics