Rails 3 + Passenger + Apache: How to change the port for SSL from 443 to 8443?

1.3k views Asked by At

My hosting service is telling me to change my SSL port from 443 to 8443 since the OpenSSL tests are failing, even though they are working in production.

I changed my apache ports.conf file to:

    NameVirtualHost *:80
    #NameVirtualHost *:443
    NameVirtualHost *:8443
    Listen 80

    <IfModule mod_ssl.c>
        # If you add NameVirtualHost *:443 here, you will also have to change
        # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
        # to <VirtualHost *:443>
        # Server Name Indication for SSL named virtual hosts is currently not
        # supported by MSIE on Windows XP.
        #Listen 443
        Listen 8443
    </IfModule>

    <IfModule mod_gnutls.c>
        #Listen 443
        Listen 8443
    </IfModule>

I also changed my virtual hosts from <VirtualHost *:443> to <VirtualHost *:8443> and restarted apache, but when I try to access the site via https, the browser says: Firefox can't establish a connection to the server. Could it be a firewall issue?

2

There are 2 answers

0
mestachs On BEST ANSWER

at first the config looks good, I assume you have ssh enabled

ssh in the machine :

  • do wget --no-check-certificate https://127.0.0.1:8443 or curl -k https://127.0.0.1:443 (post the content)
  • watch open connections and see if it's an actual apache process behind it (sudo netstat -anp | grep 8443 or sudo lsof | grep ":8443")
  • is your config not overrided else where
  • check your config is valid (what's the output of the /etc/init.d/apache2 restart)
  • check the apache error/request logs if you see your traces or other errors

From your laptop :

  • try a nmap with this machine as target, and see if the port appear as filtered
  • are you sure the dns is ok (tried with the ip address ?)

Give this book a try, it's awesome to learn new troubleshooting technics.

1
Vlad Nikitin On

Configuration seams to be right, how do you try to access your site now? should be

https://yourdomain.com:8443/