SSL times out for one subdomain; http still works
Hello, there. I recently became an admin for a server managed via cPanel/WHM which contains several subdomains, all of which run on their own IPs. All of them except for one have SSL operating flawlessly. This one particular subdomain accepts HTTP connections without issue, but HTTPS will just time out. I even confirmed this via CURL, and for good measure, I used the SSL Checker on
Since the "userdata" directory doesn't even exist under /etc/apache2/conf.d/. Am I meant to create that manually if I want to customize it? Maybe I'm wasting time looking there? I'm very new to using cPanel/WHM, and I'm just not sure where I should go next to check. Maybe there's more intensive firewall checking I can do? Maybe I could try exploring some custom vhost overrides? I've exhausted just about everything I can think of so far, so I would certainly appreciate some assistance. Thanks in advance.
Since the "userdata" directory doesn't even exist under /etc/apache2/conf.d/. Am I meant to create that manually if I want to customize it? Maybe I'm wasting time looking there? I'm very new to using cPanel/WHM, and I'm just not sure where I should go next to check. Maybe there's more intensive firewall checking I can do? Maybe I could try exploring some custom vhost overrides? I've exhausted just about everything I can think of so far, so I would certainly appreciate some assistance. Thanks in advance.
-
Is the SSL a purchased one, or one installed using WHM and free. Have you tried to delete and reinstall it ? 0 -
When you go to cPanel >> Security >> SSL/TLS >> Certificates and click the link below do you see the certificates there as well? Furthermore, can you show me the error when you send the curl request? Something like: curl -vvI https://domain.tld
would be sufficient, just ensure you remove any actual domain names or IP addresses0 -
Is the SSL a purchased one, or one installed using WHM and free.
It's a free one installed via either the WHM or the cPanel, and "cPanel" is listed as the issuer. [QUOTE] Have you tried to delete and reinstall it ?
Yes, but unfortunately it didn't make a difference.When you go to cPanel >> Security >> SSL/TLS >> Certificates and click the link below do you see the certificates there as well? Furthermore, can you show me the error when you send the curl request? Something like:
curl -vvI https://domain.tld
would be sufficient, just ensure you remove any actual domain names or IP addresses
Sure, here's the curl.curl -vvI https://(domain) * Rebuilt URL to: https://(domain)/ * Trying (IP)... * TCP_NODELAY set * connect to (IP) port 443 failed: Connection timed out * Failed to connect to (domain) port 443: Connection timed out * Closing connection 0 curl: (7) Failed to connect to (domain) port 443: Connection timed out
And in the SSL/TLS section of the cPanel, I can clearly see the cert listed for that domain. The matching keyfile is also there.0 -
I don't think this is an issue with your site it seems more so to be an issue with the port. For example, if I query a site that doesn't have an SSL but does have a self-signed SSL it will bring up the contents of the self-signed SSL rather than timeout on the connection. Do other sites on your server accept connections over 443 or do you have any sites that work over https? Even if the domain doesn't have an SSL VirtualHost Apache's default behavior is to load the first site in the configuration on that IP with an SSL so you wouldn't encounter a timeout. 0 -
I don't think this is an issue with your site it seems more so to be an issue with the port. For example, if I query a site that doesn't have an SSL but does have a self-signed SSL it will bring up the contents of the self-signed SSL rather than timeout on the connection. Do other sites on your server accept connections over 443 or do you have any sites that work over https? Even if the domain doesn't have an SSL VirtualHost Apache's default behavior is to load the first site in the configuration on that IP with an SSL so you wouldn't encounter a timeout.
There are two other sites that run on this server, and both of them do accept HTTPS over 443, though they do have different domain names. I think you're definitely right that the issue is with the port, but I'm not sure how to go about checking this further. What would you recommend?0 -
Are these sites on dedicated IP addresses by chance? Or are you running a webserver besides apache? 0 -
No, these are not on dedicated IPs. Each site does have its own IP, but they aren't static. And the webserver is definitely apache. 0
Please sign in to leave a comment.
Comments
7 comments