Apache cannot bind :443 address for SSL even though port 443 is unused

Question

I recently installed Apache 2.4.20 with SSL enabled using openssl 1.0.2j.

After updating the httpd.conf and httpd-ssl.conf files and trying to start Apache while listening to port 443, I get the following error:

(13)Permission denied: -----: make_sock: could not bind to address [::]:443
(13)Permission denied: -----: make_sock: could not bind to address 0.0.0.0:443
no listening sockets available, shutting down

Here is what I have for config:

httpd.conf:

Listen 51000
#Listen 443
#Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

httpd-ssl.conf

Listen 443

If I comment out this line in the httpd-ssl.conf file, my apache starts up fine:

attempting to start apache
done

However with it I get the socket error every time.

I ran the following as root:

netstat -tlpn | grep :443

Returned nothing.

lsof -i tcp:443

Returned nothing.

I've read somewhere that only root can bind to addresses below 1024, but I don't know the validity of that statement. Apache is not being run here as root - would that be the issue?

Answer 1

The problem is that 443 is a privileged port, and you are trying to listen as a non-root user.

See: privileged ports and why are privileged ports restricted to root.

There are also ways to get non-root users to bind to privileged ports.

Answer 2

If you are using docker with docker-compose,

It happens when we use a non-root container like bitnami official images.

We used user:root and network_mode: host when it needs to get bind with host network.

  apache:
    image: bitnami/apache:2.4
    container_name: "apache"
    ports:
      - 80:80
    network_mode: host
    privileged: true
    user: root
    environment:
      DOCKER_HOST: "unix:///var/run/docker.sock"
    env_file:
      - .env
    volumes:
      - ./setup/apache/httpd.conf:/opt/bitnami/apache/conf/httpd.conf

Hope it helps!