1

I have a server where, as part of the service, users are given their own personalised subdomain, i.e. username.servicename.com. It's not particularly feasible to generate personalised vhost entries every time this happens, so I used a wildcard virtualhost file in Apache. This works great.

I'm now trying to get SSL working on it. I have a wildcard SSL certificate with a CommonName of *.servicename.com, so I think I'm doing what I should be doing. But... doesn't work. HTTP requests still work fine, HTTPS requests time out, and there's nothing in the logs. What is wrong with my config?

    NameVirtualHost *:80
    NameVirtualHost *:443
    DirectoryIndex index.htm index.html index.php

    <VirtualHost *:80>
        ServerName servicename.com
        ServerAlias *.servicename.com
        #wildcard catch all
        VirtualDocumentRoot /var/www/%1
        UseCanonicalName Off
        IndexOptions FancyIndexing

        ### Use mod_rewrite to direct servicename.com to www.
        RewriteEngine On
        RewriteCond %{HTTP_HOST} ^servicename.com
        RewriteRule (.*) http://www.%{HTTP_HOST}$1 [R=301,L]

        ### Logging
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
        CustomLog /var/log/apache2/access_log_servicename combined

        <Directory /var/www>
            Options FollowSymLinks Indexes MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>

    <VirtualHost *:443>
        ServerName servicename.com
        ServerAlias *.servicename.com
        VirtualDocumentRoot /var/www/%1
        UseCanonicalName Off
        IndexOptions FancyIndexing

        ### Use mod_rewrite to direct servicename.com to www.
        RewriteEngine On
        RewriteCond %{HTTP_HOST} ^servicename.com
        RewriteRule (.*) https://www.%{HTTP_HOST}$1 [R=301,L]

        ### Logging
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
        CustomLog /var/log/apache2/access_log_servicename combined

        SSLEngine on
        SSLProtocol all
        SSLCertificateFile /etc/apache2/servicename.com.certificate
        SSLCertificateKeyFile /etc/apache2/servicename.com.key
        SSLCACertificateFile /etc/apache2/rapidssl.intermediateca

        <Directory /var/www>
            Options FollowSymLinks Indexes MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/error-ssl.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>
1
  • 2
    You've verified that the firewall allows port 443 traffic, that "netstat -anp |grep 443" shows apache listening on that port, "apache2ctl configtest" shows no errors, and so on? Commented Jan 22, 2012 at 3:09

1 Answer

2

It's pretty strange to see requests to Apache time out because of a wrong configuration.

When a connection times out, it is often a networking or firewall problem. For example, if the firewall is configured not to allow traffic on that port and it drops those packets, the connection will time out.

Have a look at all the firewalls involved in your setup, and this means your local network outgoing rules, the server network incoming rules and the iptables rules of the server itself.

1
  • Totally correct - Amazon EC2 firewall was blocking :443. Commented Jan 23, 2012 at 21:44
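The distinction the answer draws, a timeout pointing at dropped packets rather than at Apache, can be checked from the client side before touching the vhost config. The probe below is an added example, not part of the original question or answer; the function name `classify_port`, the result labels and the hint texts are assumptions made here.

```python
import socket
import ssl
import sys

# Next step for each outcome; hint wording is illustrative, not from the page.
HINTS = {
    "filtered": "no reply to SYN: check cloud security group, iptables, outgoing rules",
    "refused": "host reachable but nothing listening: check Listen 443 / netstat",
    "unreachable": "routing or DNS problem before the server is reached",
    "tls-failed": "port open but TLS handshake failed: check SSLEngine and cert files",
    "tls-ok": "network path and TLS listener are fine: look at vhost config and logs",
    "open": "TCP connect succeeded (TLS not probed)",
}


def classify_port(host, port=443, timeout=3.0, tls=True):
    """Classify why a connection to host:port succeeds or fails."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        # Packets silently dropped: the symptom described in the question.
        return "filtered"
    except ConnectionRefusedError:
        # An RST came back, so the path is open but no process is bound.
        return "refused"
    except OSError:
        return "unreachable"
    with sock:
        if not tls:
            return "open"
        ctx = ssl.create_default_context()
        # Reachability probe only: trust validation is deliberately skipped
        # so an untrusted chain still counts as "TLS is answering".
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        try:
            with ctx.wrap_socket(sock, server_hostname=host):
                return "tls-ok"
        except OSError:  # covers ssl.SSLError, resets and handshake timeouts
            return "tls-failed"


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "www.servicename.com"
    result = classify_port(target)
    print(f"{target}:443 -> {result}: {HINTS[result]}")
```

Run it once from outside the server's network and once on the server itself against `127.0.0.1`: "filtered" from outside with "tls-ok" locally isolates the problem to a firewall in between.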
