HTTPS works on LAN but shows invalid cert even if its valid and on WAN HTTPS gets ERR_CONNECTION_CLOSED

Keywords: OwnCloud - Virtual Machines - Technical issue - Secure Connections (SSL/HTTPS)
Description:
I have followed the guide on installing SSL cert using Let’s Encrypt but when I try to browse HTTPS using domain name (xxx.ddns.net) i get “ERR_CONNECTION_CLOSED” but when using Local LAN IP, HTTPS loads but with invalid cert.

When I look at the cert, its issue by Let’s Encrypt, it has my ddns domain and is not expired.

Tried searching in the forums but doesn’t seem to have a solution anywhere.

Hi,

For troubleshooting SSL issues, we have an SSL Checker: It will analyse your SSL configuration in Apache. It will show which certificate file is being used, the domain name it has, whether the key and certificate match and will also check the server certificate. Execute these commands inside your instance (connect through SSH).

wget https://github.com/bitnami-labs/healthcheck-tools/releases/download/1.0.0/ssl-checker-v1.0.0-linux-amd64
chmod +x ssl-checker-v1.0.0-linux-amd64
./ssl-checker-v1.0.0-linux-amd64 -hostname 127.0.0.1
./ssl-checker-v1.0.0-linux-amd64 -hostname PUT_YOUR_DOMAIN_NAME_HERE

Please show us the results of executing both commands.

Best regards,

Javier J. Salmerón


Was my answer helpful? Click on :heart:

bitnami@debian:~$ ./ssl-checker-v1.0.0-linux-amd64 -hostname 127.0.0.1
======================================
SSL CHECKS
======================================
Starting checks with these parameters:
  - Apache Root: "/opt/bitnami/apache2/"
  - Apache Root configuration: "/opt/bitnami/apache2/conf/httpd.conf"
  - Hostname: "127.0.0.1"
  - Port: 443
======================================
-- Check: Active SSL Certificates in Apache Configuration --
Ocurrence #1
Apache File: "/opt/bitnami/apache2/conf/bitnami/bitnami.conf"
Certificate file: "/opt/bitnami/apache2/conf/server.crt"
Key file: "/opt/bitnami/apache2/conf/server.key"
Active Certificate check failed: "open /opt/bitnami/apache2/conf/server.crt: permission denied"
-- End of check --

-- Check: HTTPS Connection to web server --
Hostname: "127.0.0.1"
Port: 443
Server certificate domain: "jpm.ddns.net"
-- End of check --

SSL Checks finished
2018/03/21 13:43:28 Found errors when checking the SSL configuration
bitnami@debian:~$ ./ssl-checker-v1.0.0-linux-amd64 -hostname jpm.ddns.net
======================================
SSL CHECKS
======================================
Starting checks with these parameters:
  - Apache Root: "/opt/bitnami/apache2/"
  - Apache Root configuration: "/opt/bitnami/apache2/conf/httpd.conf"
  - Hostname: "jpm.ddns.net"
  - Port: 443
======================================
-- Check: Active SSL Certificates in Apache Configuration --
Ocurrence #1
Apache File: "/opt/bitnami/apache2/conf/bitnami/bitnami.conf"
Certificate file: "/opt/bitnami/apache2/conf/server.crt"
Key file: "/opt/bitnami/apache2/conf/server.key"
Active Certificate check failed: "open /opt/bitnami/apache2/conf/server.crt: permission denied"
-- End of check --

-- Check: HTTPS Connection to web server --
Hostname: "jpm.ddns.net"
Port: 443
HTTPS Connection failed: "EOF"
-- End of check --

SSL Checks finished
2018/03/21 13:43:38 Found errors when checking the SSL configuration
bitnami@debian:~$

Hi,

Sorry, could you try executing it again as sudo?

sudo ./ssl-checker-v1.0.0-linux-amd64 -hostname jpm.ddns.net

Best regards,

Javier J. Salmerón


Was my answer helpful? Click on :heart:

bitnami@debian:~$ sudo ./ssl-checker-v1.0.0-linux-amd64 -hostname jpm.ddns.net
======================================
SSL CHECKS
======================================
Starting checks with these parameters:
  - Apache Root: "/opt/bitnami/apache2/"
  - Apache Root configuration: "/opt/bitnami/apache2/conf/httpd.conf"
  - Hostname: "jpm.ddns.net"
  - Port: 443
======================================
-- Check: Active SSL Certificates in Apache Configuration --
Ocurrence #1
Apache File: "/opt/bitnami/apache2/conf/bitnami/bitnami.conf"
Certificate file: "/opt/bitnami/apache2/conf/server.crt"
Key file: "/opt/bitnami/apache2/conf/server.key"
Domain name: "jpm.ddns.net"
Certificate and key match: true
-- End of check --

-- Check: HTTPS Connection to web server --
Hostname: "jpm.ddns.net"
Port: 443
HTTPS Connection failed: "EOF"
-- End of check --

SSL Checks finished
2018/03/22 15:30:47 Found errors when checking the SSL configuration
bitnami@debian:~$

Hi,

I can confirm that the certificate is well configured in Apache. However, I do not fully understand the reason of this CONNECTION_CLOSED error. In order to dig more into the issue, I will ask you to execute another tool. We have a Support Tool that will gather relevant information for us to debug the issue. Could you please download and execute it on the machine where the stack is running by following the steps described in the guide below?

How to Run the Bitnami Support Tool

Please note that you need to paste the code outputted by the tool in your reply.

Best regards,

Javier J. Salmerón


Was my answer helpful? Click on :heart:

6cbf6072-7346-4a4a-aba3-be5ddc3dc1c6

Hi @alexjaya,

You should check your router configuration and ensure you are using NAT port forwarding for both ports 80 and 443.

If not, and you’re using a tool provided by No-IP, it would seem that this could unfortunately be an issue with DDNS and we’re unable to provide support about that.
You could try contacting with No-IP or trying an alternative dynamic IP-DNS vendor and check if it works there.

Best regards,
Marcos

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.