Webroot Certification with HTTPS Served over port 8443

FlyingHazard · August 11, 2017, 11:04pm

My domain is:

flyinghazard.com, and a few others such as cloud.flyinghazard.com, etc. (Not that it matters because you can’t view it.)

I have been trying to set up a few things on my server. This includes a VPN, Web Server, and Cloud Storage solution. I have been using Let’s Encrypt for SSL certificates. Recently, I switched my VPN over to port 443/TCP because of the web filter that I have to bypass. This obviously leaves me in a little bit of trouble, as Let’s Encrypt expects port 443 for the TLS challenge. I did some research and believe that obtaining certificates by running sudo certbot certonly -a webroot -i apache should force the use of an HTTP challenge over port 80. I have set Apache to listen on port 8443 for SSL, (I think), and this is the contents of my ports.conf file.

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80

<IfModule ssl_module>
        Listen 8443 htttps
</IfModule>

<IfModule mod_gnutls.c>
        Listen 8443 https
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

And here is the contents of a site config file, they have all been changed identically.

<IfModule mod_ssl.c>
<VirtualHost *:8443>
        ServerName flyinghazard.com
        ServerAdmin ryan.warner.us@gmail.com
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/letsencrypt/live/flyinghazard.com-0001/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/flyinghazard.com-0001/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

I have been running into issues with this setup, but I have no idea why. The VPN connects perfectly, I DO NOT have any port share option set up, but when I go to access the website, I get errors left and right. MS Edge reports that the site cannot be reached and Chrome says that the site closed the connection. Are there any blatant errors in the config files? Is this a Let’s Encrypt limitation? Do I need to enable port sharing? Any help and advice is GREATLT appreciated!

My web server is (include version): Apache 2.4.10
The operating system my web server runs on is: Raspbian Jessie, up to date, not an OS problem.
I can login to a root shell on my machine : Yes
I’m using a control panel to manage my site: No

FlyingHazard · August 11, 2017, 11:09pm

Never mind! It was an improperly configured Port-Share option. Make sure to use port-share 127.0.0.1 8443
Thanks!

system · September 10, 2017, 11:09pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.