I have noticed something odd on a debian 12 server. I did the auto-installer. seems to work great. ispconfig is just fine on port 8080 ssl access. (site is ns1.americanhalalmeat.com) certificate is clearly correctly issued by LE. one of the sites (americanhalalmeat.com) has SSL and LE boxes both checked. port 80 access works fine. wordpress site. but port 443 access simply spins. no error but eventually times out. uncheck the boxes, save them, then check it again and save again. both boxes are checked - should be success. the error.log seems not to have anything relevant. the sites-available has 443 virtual host for the site. looking in /root/.acme.sh we see: --snip-- drwx------ 10 root root 4096 Aug 24 00:08 . drwx------ 18 root root 4096 Aug 25 10:46 .. -rw-r--r-- 1 root root 293 Aug 24 23:37 account.conf -rwxr-xr-x 1 root root 226888 Aug 23 23:37 acme.sh -rw-r--r-- 1 root root 78 Aug 31 2024 acme.sh.env drwxr-xr-x 3 root root 4096 Aug 23 14:35 americanhalalmeat.com_ecc drwxr-xr-x 3 root root 4096 Oct 30 2024 ca drwxr-xr-x 2 root root 4096 Aug 23 23:37 deploy drwxr-xr-x 2 root root 4096 Aug 23 23:37 dnsapi drwxr-xr-x 3 root root 4096 Oct 30 2024 homemadeornotatall.com -rw-r--r-- 1 root root 1305 Aug 24 23:37 http.header drwxr-xr-x 2 root root 4096 Aug 23 23:37 notify drwxr-xr-x 3 root root 4096 Aug 23 14:31 ns1.americanhalalmeat.com_ecc drwxr-xr-x 3 root root 4096 Oct 30 2024 sarahwali.com --snip-- and the americdanhalalmeat.com_ecc have what looks like valid LE files: --snip-- root root 1342 Aug 23 14:35 americanhalalmeat.com.cer -rw-r--r-- 1 root root 1007 Aug 23 14:35 americanhalalmeat.com.conf -rw-r--r-- 1 root root 521 Aug 23 14:35 americanhalalmeat.com.csr -rw-r--r-- 1 root root 224 Aug 23 14:35 americanhalalmeat.com.csr.conf -rw------- 1 root root 227 Aug 23 14:35 americanhalalmeat.com.key -rw------- 1 root root 227 Aug 23 14:35 americanhalalmeat.com.key.next drwxr-xr-x 2 root root 4096 Aug 23 14:35 backup -rw-r--r-- 1 root root 1567 Aug 23 14:35 ca.cer -rw-r--r-- 1 root root 2909 Aug 23 14:35 fullchain.cer --snip-- so these files seem to all be issued. by why does the 443 access hang with no error (apart from eventual timeout?) I've restarted apache2 several times. what am I missing??
I already checked 443 is permitted by ispconfig firewall. and the server (running centos) used to work fine so not sure why anything else would now be blocking.... but I'll have to check! thanks till!
wow who wouldl think? somehow the router had the port forwarding rule for 443 eliminated! issue solved. but why on earth would this rule be eliminated? (8080 as forwarded for ispconfig, and 443 certainly WAS forwarded). however, rule in place HTTPS works now. How odd! naturally when I redid the server I thought it had to be something on the server!
