4

I have a website(apache web server, ubuntu 14.04) setup http://example.com and configured with ports 1996 and 1980.

These links works with http

http://example.com/myproject http://example.com:1996/ http://example.com:1980/

And then I installed SSL certs and configured this server to use https.

But these links doesn't work

https://example.com:1996 https://example.com:1980

How to configure https in same domain for multiple ports?

default.conf:

<VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> <VirtualHost *:443> ServerAdmin webmaster@localhost DocumentRoot /var/www/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined ServerName example.com SSLEngine on SSLCertificateFile /home/ubuntu/ssl_cert/signed_cert.crt SSLCertificateKeyFile /home/ubuntu/ssl_cert/server.key </VirtualHost>

ports.conf:

Listen 80 <IfModule ssl_module> Listen 443 </IfModule> <IfModule mod_gnutls.c> Listen 443 </IfModule>
Improve this question
4
  • Can you see the ports up and running with a netstat -ntpl or ss -ntpl | cat ? If not Apache may not have even started properly and you need to check the logs for errors encountered. Commented Feb 27, 2019 at 17:00
  • Yes, the ports are up. Apache is also running and http://example.com/myproject still works. Issue is with https and specific ports 1996, 1980 Commented Feb 27, 2019 at 17:07
  • If the ports are up then it means that you have configured apache to listen on those ports correctly. Check if the ServerName/ServerAlias is within that virtualhost block? Can you indicate how you are testing those links ? Are you testing locally on the machine or from another server/desktop ? Are there any errors appearing in the apache log files ? Commented Feb 27, 2019 at 17:16
  • @Nani, I just noticed that you haven't accepted an answer for any of the 4 still open questions you've asked. Accepting an answer is the best way to thank the person who took the time to answer you and, more importantly, shows the next user who finds your question that this answer worked for you. If the answers you have received did actually answer your question, please take a moment and accept them by clicking on the checkmark on the left. Commented Feb 27, 2019 at 18:42

1 Answer 1

Reset to default
4

EDIT: Debugging the user setup, it was found with netstat there is already a process using 1996/TCP:

netstat -nlp | grep 1996 tcp 0 0 0.0.0.0:1996 0.0.0.0:* LISTEN 4729/python

So the configuration examples, were changed to 1997/TCP.

Apache/mod_ssl have to be told 1997/TCP and 1980/TCP are HTTPS ports. By default 443/TCP is already known, but any others TLS aware TCP ports have to be added to the configuration.

Otherwise, any non 443/TCP por, will be handled only as an HTTP capable port.

For instance, in CentOS, you have to add to /etc/httpd/conf.d/ssl.conf and in Debian/Ubuntu at /etc/apache2/ports.conf the lines:

Listen 1997 https Listen 1980 https

You also have to define the ports in the corresponding vhosts:

<VirtualHost *:1997> Servername example.com .... </VirtualHost> <VirtualHost *:1980> Servername example.com .... </VirtualHost>

It is also little known, you can do something as (as an example only, do not use it if you still have the vhost using :*443):

<VirtualHost *:443 *:1980> Servername example.com .... </VirtualHost>

After editing the configuration files, you have to restart Apache. In Debian/Ubuntu, it is restarted doing:

sudo service apache2 restart

From Apache - Binding to Addresses and Ports

Specifying the protocol with Listen

The optional second protocol argument of Listen is not required for most configurations. If not specified, https is the default for port 443 and http the default for all other ports. The protocol is used to determine which module should handle a request, and to apply protocol specific optimizations with the AcceptFilter directive.

You only need to set the protocol if you are running on non-standard ports. For example, running an https site on port 8443:

Listen 192.170.2.1:8443 https

Important Note: there should only be configured one Listen line/directive per port. If you have already a Listen directive for these ports, you either comment them or add https on front of them. Otherwise, you will have a "Address already in use" when starting Apache.

TLDR of last paragraph: you have already a duplicate Listen for at least 1996 in probably apache2.conf, take it out. (no, it is being used by another running service)

Second Note: Do not use ports you might have configured on other running services.

Improve this answer
10
  • (98)Address already in use: AH00072: make_sock: could not bind to address [::]:1996 (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:1996 no listening sockets available, shutting down AH00015: Unable to open logs Action 'start' failed. The Apache error log may have more information. Commented Feb 27, 2019 at 17:31
  • I get the above message, after restarting apache service with the changes that you suggested Commented Feb 27, 2019 at 17:31
  • I will add a note I deleted when editing the answer, because I thought you were showing your complete configuration (you arent) Commented Feb 27, 2019 at 17:32
  • If you are able to find the duplicate, do cd /etc/apache2 ; grep -r 1996 * Commented Feb 27, 2019 at 17:39
  • No, there are no duplicates Commented Feb 27, 2019 at 18:09

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.