Certbot with Tomcat9 (linode) Ubuntu 19.4 - tomcat9

i've set up the https on apache http server (port 80) along with webmin (port 10000) using let's encrypt. i've installed tomcat9 on the same server and it's listening to port 8080 (http). tomcat9 server also works fine. i am trying to set up the https for tomcat9. i've copied cert1.pem, chain1.pem, and privkey.pem from /etc/letsencrypt/archive/{domain.com} folder into /etc/tomcat9 folder. Also updated server.xml by uncommenting "connector port="8443" section and put the locations of the pem files on the certificate section. i've restarted the tomcat9 service. When i go to http://example.com:8080, it shows the tomcat webpage. if i do https://example.com:8080 or https://example.com:8443, i get ERR_SSL_PROTOCOL_ERROR. iptable -L -n -v shows the port 8443 to accept. Can you help?

It wasn't working due to spelling mistake in server.xml. Instead of privkey.pem, i had key.pem. it's working now.

Related

IBM Cloud Code Engine revision fails when deploying standard container with port 80

I am trying to deploy an app in a Code Engine project. The container image is pretty standard: docker.io/library/httpd. All I did in the configuration wizard is to change the port from Code Engine default 8080 to port 80.
Code Engine comes back with:
Revision failed to start with "exit code 1". Check your image and configuration.
In the logs I found these two lines:
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
Why?
I don't know the answer to your question "why", except I see some people on Stackoverflow mention the range up to 1024 is reserved by the OS. I could run my httpd locally on port 80, but in the IBM Code Engine I had to change to 8080.
This is how I managed to get it running:
I edited the httpd.conf as this post implies:
"There is a hint on how to do this at the DockerHub page. An alternative config file must be obtained and added to the container via the Dockerfile.
First get a copy of the config file:
docker run --rm httpd:2.4 cat /usr/local/apache2/conf/httpd.conf > my-httpd.conf
Then edit the my-httpd.conf file and modify the port:
Listen 8080
Finally add to the Dockerfile the instruction to copy it:
COPY ./my-httpd.conf /usr/local/apache2/conf/httpd.conf "

Install Openfire when port 9090 is already in use?

I tried to install Openfire on Ubuntu 16.04 it installed fine but when I go to: http://localhost:9090 it shows me "prometheus" graph page
I wanted to know if I could install openfire or configure openfire to use a different port instead?
Thank you
Try finding a file with name openfire.xml. The location of the file differs according to the way of installation. Use the following command for finding it
sudo find / -name openfire.xml
Inside that file there will be a line <port>9090</port> just replace 9090 with the required port no and then restart the application.

How do I stop Apache/Tomcat server on localhost://8080?

I keep getting errors when trying to serve files locally. I am using Tomcat on port 8080.
When using Eclipse, I get the following error message:
Several ports (8080, 8009) required by Tomcat v8.0 Server at localhost are already in use. The server may already be running in another process, or a system process may be using the port. To start this server you will need to stop the other process or change the port number(s).
Question
How do I stop the server on port 8080 if I don't know which process started it?
Try to go with a web browser to:
localhost:8080 or 127.0.0.1:8080
and
localhost:8009 or 127.0.0.1:8009
There you could see which service is running on those ports.
Then it will be more simple to understand what you have to stop.
EDIT:
You could use a prompt and the command:
netstat -b
-b it will show the name of the executable running on a port.
For understanding how it works here a good explanation.

Receiving ERR_CONNECTION_REFUSED after Sinatra deployment on Digital Ocean

Having a problem with deployment of a small Sinatra app that works fine locally, and seems like its running on digital ocean, but can't be hit via the domain name. The following is the message I receive:
This webpage is not available
Error code: ERR_CONNECTION_REFUSED
The following is what's displayed on my droplet using rackup -p 80, which to me indicates it should be able to be hit:
Thin web server (v1.6.3 codename Protein Powder)
Maximum connections set to 1024
Listening on localhost:80, CTRL+C to stop
If it makes any difference, I also cannot hit the ip address directly. Anyone encounter similar problems or possibly a solution? The app is on ubuntu uses psql as a database. It would be greatly appreciated. Thanks!
Bind your app on 0.0.0.0 instead of localhost:
ruby your_app.rb -o 0.0.0.0
or
rackup --host 0.0.0.0
In production, you should setup a reverse proxy (eg. using nginx or apache) to bind a domain to your app internal port insteal of opening everything on 0.0.0.0

vagrant cannot access webserver on localhost:8080

I am running CentOS 6.4 through vagrant.
I have put this line inside my Vagrantfile:
config.vm.network :forwarded_port, guest: 80, host: 8080
Then I have installed nginx in the VM and verified it's working with:
wget http://locahost/
Works fine.
But from my host machine (Macbook Air, Mountain Lion) when I go to:
http://localhost:8080
It times out. Did I miss any configuration in Vagrantfile?
I have used this box:
https://github.com/NREL/vagrant-boxes
Have you checked your iptables?
It's a common mistake: when you use provisioning you also have to configure your iptables. (For puppet you have this module.) If you don't want to work with a firewall you can just do vagrant ssh followed by sudo service iptables stop.
What do you see when you go to your browser? Does it say Data not received or it never stops reloading? Do you get any messages in your browser? The server config file must be a bit messed up. Try reloading the server configuration, and restarting it.
Also, try changing the port number to something else. With the newer version of Vagrant, the syntex looks a bit different. So you have to do:
config.vm.forward_port 80, 2759
This is the config file that I use for one of my instances:
Vagrant::Config.run do |config|
config.vm.box = 'rails-dev-ready'
config.vm.host_name = 'rails-dev-ready'
config.vm.forward_port 5800, 5800
config.vm.forward_port 1080, 1090
config.vm.forward_port 80, 2759
config.vm.provision :puppet,
:manifests_path => 'puppet/manifests',
:module_path => 'puppet/modules'
config.vm.share_folder "sharedapps", "/home/vagrant/sharedapps", "sharedapps"
end
I recently set up a CentOS 6.4 box. My ports got all messed up because of iptables. I just disabled the service. It's in /sbin/sevices.
You may run the following command to find out if any other process (such as Tomcat) is bind to port 8080:
lsof -i :8080
If so, that may cause the problem.
I have found a solution,
I have found that there is an issue with Apache + vagrant, and sometimes Apache won't start automatically.
Please try: sudo service apache2 start once logged in via ssh.
I was having issues with Vagrant and all the error messages indicated a networking problem, but in reality my Apache service just wasn't starting on vagrant up