ERR_CONNECTION_REFUSED configuring CloudFlare Origin SSL Certificates, and Apache took eternally to restart

Keywords: WordPress Multisite - Google Cloud Platform - Technical issue - Secure Connections (SSL/HTTPS)
bnsupport ID: 70408da0-81c3-c948-6a9a-b8d72bf9e951
Description:
I am facing the same issue as Domain shows ERR_CONNECTION_REFUSED, the only thing is I don’t even get my first site to work.

#My Workflow

##0. Configured WordPress Multisite domain via:

sudo /opt/bitnami/configure_app_domain --domain jkelvin.com

##1. Created necessary certificates for my main domain under:

/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server.crt
/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server.key
/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server-ca.crt

##2. Make the new certs created readable by the root user only via:

sudo chown root:root /opt/bitnami/apache2/conf/bitnami/certs/server*
sudo chmod 600 /opt/bitnami/apache2/conf/bitnami/certs/server*

##3. Modified configuration file /opt/bitnami/apache2/conf/vhost/wordpress-https-vhost.conf

ServerName jkelvin.com  <--Added new line
ServerAlias *.jkelvin.com  <--Modified from * to *.jkelvin.com
SSLCertificateFile <--Correct directory for server.crt
SSLCertificateKeyFile  <--Correct directory for server.key
SSLCACertificateFile  <--Added new line to correct directory for server-ca.crt

##4. Modified configurations file /opt/bitnami/apache2/conf/bitnami.bitnami-ssl.conf

SSLCertificateFile <--Correct directory for server.crt
SSLCertificateKeyFile  <--Correct directory for server.key
SSLCACertificateFile  <--Added new line to correct directory for server-ca.crt

##5. Modified configurations file /opt/bitnami/apache/conf/httpd.conf

ServerAdmin www@jkelvin.com
ServerName jkelvin.com:80

##6. Restarted Apache via:

sudo /opt/bitnami/ctlscript.sh restart apache

After these I tried to visit the IP address, the URL in both HTTP and HTTPS but all returned a jkelvin.com refused to connect ERR_CONNECTION_REFUSED error

=========

#Appendix

##1. sudo /opt/bitnami/ctlscript.sh status

apache not running
mariadb already running
php-fpm already running

##2. Bitnami support code:

70408da0-81c3-c948-6a9a-b8d72bf9e951

##3. I’ve tried to delete project, recreate project, reinstall wordpress multisite vm multiple times and I always get the same error. Also trying Let’sEncrypt via bitnami’s certtool also returns same error

##4. Ran the bitnami support tool and get the following messages:

Press [Enter] to continue:
[client 45.146.164.125:55972] AH00124: Request exceeded the limit of 10 internal 
redirects due to probable configuration error. Use 'LimitInternalRecursion' to 
increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., 
referer:  
<removed-link-due-to-new-user-link-limit>
 [Sun May 30 12:50:40.505286 2021] [core:error] [pid 2800:tid 140136025077504] 
[client 45.146.164.125:53690] AH00124: Request exceeded the limit of 10 internal 
redirects due to probable configuration error. Use 'LimitInternalRecursion' to 
increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., 
referer:  
<removed-link-due-to-new-user-link-limit>

Please check the following guide to troubleshoot server issues:

The Apache configuration has errors:

AH00526: Syntax error on line 7 of 
/opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf: 
SSLCACertificateFile: file 
Press [Enter] to continue:
'/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server-ca.crt'' does not 
exist or is empty

Please check the configuration.

[Connectivity]

Server ports 22, 80 and/or 443 are not publicly accessible. Please check the
following guide to open server ports for remote access:

===== End of bndiagnostic tool output =====```

REPOST DUE TO INCORRECT MARKUP

I am facing the same issue as Domain shows ERR_CONNECTION_REFUSED, the only thing is I don’t even get my first site to work.

My Workflow

0. Configured WordPress Multisite domain via:

sudo /opt/bitnami/configure_app_domain --domain jkelvin. com

1. Created necessary certificates for my main domain under:

/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server.key
/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server-ca.crt

2. Make the new certs created readable by the root user only via:

sudo chmod 600 /opt/bitnami/apache2/conf/bitnami/certs/server*

3. Modified configuration file /opt/bitnami/apache2/conf/vhost/wordpress-https-vhost.conf

ServerAlias *.jkelvin.com  <--Modified from * to *.jkelvin. com
SSLCertificateFile <--Correct directory for server.crt
SSLCertificateKeyFile  <--Correct directory for server.key
SSLCACertificateFile  <--Added new line to correct directory for server-ca.crt

4. Modified configurations file /opt/bitnami/apache2/conf/bitnami.bitnami-ssl.conf

SSLCertificateKeyFile  <--Correct directory for server.key
SSLCACertificateFile  <--Added new line to correct directory for server-ca.crt

5. Modified configurations file /opt/bitnami/apache/conf/httpd.conf

ServerName jkelvin.com:80

6. Restarted Apache via:

After these I tried to visit the IP address, the URL in both HTTP and HTTPS but all returned a jkelvin.com refused to connect ERR_CONNECTION_REFUSED error

=========

#Appendix

1. sudo /opt/bitnami/ctlscript.sh status

mariadb already running
php-fpm already running

2. Bitnami support code:

3. I’ve tried to delete project, recreate project, reinstall wordpress multisite vm multiple times and I always get the same error. Also trying Let’sEncrypt via bitnami’s certtool also returns same error

4. Ran the bitnami support tool and get the following messages:

[client 45.146.164.125:55972] AH00124: Request exceeded the limit of 10 internal 
redirects due to probable configuration error. Use 'LimitInternalRecursion' to 
increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., 
referer:  
<removed-link-due-to-new-user-link-limit>
 [Sun May 30 12:50:40.505286 2021] [core:error] [pid 2800:tid 140136025077504] 
[client 45.146.164.125:53690] AH00124: Request exceeded the limit of 10 internal 
redirects due to probable configuration error. Use 'LimitInternalRecursion' to 
increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., 
referer:  
<removed-link-due-to-new-user-link-limit>


Please check the following guide to troubleshoot server issues:
 
<removed-link-due-to-new-user-link-limit>

The Apache configuration has errors:

AH00526: Syntax error on line 7 of 
/opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf: 
SSLCACertificateFile: file 
Press [Enter] to continue:
'/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server-ca.crt'' does not 
exist or is empty

Please check the configuration.

[Connectivity]

Server ports 22, 80 and/or 443 are not publicly accessible. Please check the 
following guide to open server ports for remote access:
 
<removed-link-due-to-new-user-link-limit>
 

===== End of bndiagnostic tool output =====

The markups are messed up, a repost on https://pastebin.com/raw/JZE7dCn5

Hello @fycz000,

There is a typo in your /opt/bitnami/apache/conf/vhosts/wordpress-https-vhost.conf. Change it:

  SSLCACertificateFIle "/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server-ca.crt'

to

  SSLCACertificateFIle "/opt/bitnami/apache2/conf/bitnami/certs/jkelvin.com/server-ca.crt" 

Regards

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.