Unable to connect on port 443

0

I have a CentOS 7 EC2 instance with Apache HTTPD running on port 443.

$ netstat -tnlp | grep 443
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      2533/httpd          

I cleared all inbound rules for the Security Group and now have just these 3:

IPv4	HTTPS	TCP	443	<MyIP>/32
IPv4	HTTP	TCP	80	<MyIP>/32
IPv4	SSH	TCP	22	<MyIP>/32

But not able to connect to the web server on the public IP (Google Chrome browser reports ERR_CONNECTION_TIMED_OUT). It was working previously before I removed some inbound rules and stopped the instance for a few days.

$ telnet <public IP> 443
Trying <public IP>...
telnet: connect to address <public IP>: No route to host
$ telnet <public IP> 80 
Trying <public IP>...
telnet: connect to address <public IP>: No route to host
$ telnet google.com 443
Trying 142.250.188.46...
Connected to google.com.
Escape character is '^]'.

Anything else I can check? Thanks

UPDATE: I installed VNC server on the instance and connected using VNC viewer. Launched Firefox, opened URL https://localhost and was able to login to the web app. But still can't access using https://<public ip>.

SV
gefragt vor 3 Jahren5829 Aufrufe
3 Antworten
0
Akzeptierte Antwort

Adding port 443 using the firewall command did the trick for me.

$ sudo firewall-cmd --permanent --add-port=443/tcp

$ sudo firewall-cmd --reload

$ sudo firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: dhcpv6-client ssh
  ports: 3389/tcp 443/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

SV
beantwortet vor 3 Jahren
profile picture
EXPERTE
überprüft vor 6 Monaten
0

If you have a default Public IP you will get a new IP address every time you stop/start the instance. Could it be that?

profile pictureAWS
EXPERTE
kentrad
beantwortet vor 3 Jahren
  • Yes, the public IP keeps changing, but I use the new IP every time.

  • Can you try to connect using openssl to eliminate any SSL config isssues? Something like 'openssl s_client -connect host:port -debug'. Another VPC thing to check is if there are any NACL rules preventing the connection, though your VNC connection seems to eliminate this possibility.

0

Please its been 2 weeks now, have tried everything but each time I telnet telnet <public IP> 443 or telnet telnet <public IP> 80, I keep getting; telnet: Unable to connect to remote host: Connection timed out

And when I do curl -I <public IP> 80, I get curl: (7) Failed to connect to <public IP> port 80: Connection timed out.

My <public IP> is an elastic IP.

Please help

beantwortet vor 3 Jahren
  • You shouldn't be asking new questions in the answer area. Better to ask them as a separate question. Did you check all inbound rules of the Security Group? Adding port 443 using the firewall command did the trick for me (firewall-cmd --permanent --add-port=443/tcp).

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen