Unable to connect on port 443
I have a CentOS 7 EC2 instance with Apache HTTPD running on port 443.
$ netstat -tnlp | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2533/httpd
I cleared all inbound rules for the Security Group and now have just these 3:
IPv4 HTTPS TCP 443 <MyIP>/32
IPv4 HTTP TCP 80 <MyIP>/32
IPv4 SSH TCP 22 <MyIP>/32
But not able to connect to the web server on the public IP (Google Chrome browser reports ERR_CONNECTION_TIMED_OUT). It was working previously before I removed some inbound rules and stopped the instance for a few days.
$ telnet <public IP> 443
Trying <public IP>...
telnet: connect to address <public IP>: No route to host
$ telnet <public IP> 80
Trying <public IP>...
telnet: connect to address <public IP>: No route to host
$ telnet google.com 443
Trying 142.250.188.46...
Connected to google.com.
Escape character is '^]'.
Anything else I can check? Thanks
UPDATE: I installed VNC server on the instance and connected using VNC viewer. Launched Firefox, opened URL https://localhost and was able to login to the web app. But still can't access using https://<public ip>.
Adding port 443 using the firewall command did the trick for me.
$ sudo firewall-cmd --permanent --add-port=443/tcp
$ sudo firewall-cmd --reload
$ sudo firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports: 3389/tcp 443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
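The fix above works because inbound traffic has to pass two independent filters: the EC2 security group and the instance's own firewalld zone. The following script is an added example, not part of the original post. It intersects the two layers using the security group ports from the question (22, 80, 443) and a trimmed copy of the `firewall-cmd --list-all` output from this answer; the function names and the small service-to-port map are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: which TCP ports pass BOTH the security group and firewalld?

# Small subset of firewalld's predefined services (name -> port/proto).
svc_port() {
  case "$1" in
    ssh) echo 22/tcp ;;
    http) echo 80/tcp ;;
    https) echo 443/tcp ;;
    dhcpv6-client) echo 546/udp ;;
  esac
}

# Read `firewall-cmd --list-all` text on stdin, print allowed TCP ports.
# Port ranges (e.g. 8000-8100/tcp) are not expanded and are skipped.
firewalld_tcp_ports() {
  local key rest item
  while read -r key rest; do
    case "$key" in
      services:) for item in $rest; do svc_port "$item"; done ;;
      ports:)    for item in $rest; do echo "$item"; done ;;
    esac
  done | sed -n 's#^\([0-9][0-9]*\)/tcp$#\1#p' | sort -un
}

# has "space separated list" item -> success if item is in the list
has() { case " $1 " in *" $2 "*) return 0 ;; *) return 1 ;; esac; }

# compare_layers SG_PORTS FW_PORTS -> one verdict line per port
compare_layers() {
  local sg="$1" fw="$2" p
  for p in $(printf '%s\n' $sg $fw | sort -un); do
    if has "$sg" "$p" && has "$fw" "$p"; then echo "$p reachable"
    elif has "$sg" "$p"; then echo "$p blocked-by-firewalld"
    else echo "$p blocked-by-security-group"
    fi
  done
}

# Trimmed from the output shown in this answer (after the fix).
SAMPLE_ZONE='public (active)
  interfaces: eth0
  services: dhcpv6-client ssh
  ports: 3389/tcp 443/tcp'
SG_PORTS="22 80 443"   # inbound rules listed in the question

FW_PORTS=$(printf '%s\n' "$SAMPLE_ZONE" | firewalld_tcp_ports | tr '\n' ' ')
compare_layers "$SG_PORTS" "$FW_PORTS"
```

On a live instance, pipe `sudo firewall-cmd --list-all` into `firewalld_tcp_ports` instead of the sample text. A port reported as open in only one layer is either still unreachable or an opening that can be closed.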
If you have a default Public IP you will get a new IP address every time you stop/start the instance. Could it be that?
Can you try to connect using openssl to eliminate any SSL config issues? Something like 'openssl s_client -connect host:port -debug'. Another VPC thing to check is if there are any NACL rules preventing the connection, though your VNC connection seems to eliminate this possibility.
Please, it's been 2 weeks now. I have tried everything, but each time I run telnet <public IP> 443 or telnet <public IP> 80, I keep getting: telnet: Unable to connect to remote host: Connection timed out
And when I do curl -I <public IP> 80, I get curl: (7) Failed to connect to <public IP> port 80: Connection timed out.
My <public IP> is an elastic IP.
Please help
You shouldn't be asking new questions in the answer area. Better to ask them as a separate question. Did you check all inbound rules of the Security Group? Adding port 443 using the firewall command did the trick for me (firewall-cmd --permanent --add-port=443/tcp).
Yes, the public IP keeps changing, but I use the new IP every time.