Hi,
I'm new to the forums but have been using Ubuntu for over a year now. I recently updated to Ubuntu server from 11.1 to 12.04. After doing so I was relieved that everything still worked. Only later did I realize that https was no longer working. When I attempt to connect it times out and no errors are thrown in the apache2 logs. It was working before the update.
I'm not sure what has changed since, but I have gone through a few steps to try and figure out the problem but have not found anything yet.
Here's what I've tried.
Code:
netstat -lp | grep apache2
tcp 0 0 *:http *:* LISTEN 7201/apache2
tcp 0 0 *:https *:* LISTEN 7201/apache2
Code:
openssl s_client -connect www.MYDOMAINNAME.com:443
connect: Connection timed out
connect:errno=110
Code:
s_client -connect localhost:443
( SSL certificate data as expected )
Code:
# default-ssl
<VirtualHost *:443>
ServerName MYDOMAINNAME.com
ServerAlias www.MYDOMAINNAME.com
ServerAdmin support@MYDOMAINNAME.com
DocumentRoot /var/www
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
SSLCertificateFile /root/ssl/MYDOMAINNAME.com.crt
SSLCertificateKeyFile /root/ssl/MYDOMAINNAME.com.key
SSLCACertificateFile /root/ssl/MYDOMAINNAME.com.csr
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
Code:
# ports.conf
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>
Code:
a2ensite default-ssl
Site default-ssl already enabled
a2enmod ssl
Module ssl already enabled
Code:
Apache/2.2.22
Ubuntu 12.04 LTS
Any suggestions would be appreciated.
Thanks,
~Redsting
[edit notes: Forgot to add that I double checked mod_ssl and default-ssl were enabled]
Bookmarks