Apache Friends Support Forum

Hello! I've spent 2 days trying to get this to work and I'm now out of ideas. I have a Xamp installation v3.2.4 on a windows 2019 server. I'm trying to access a test site using a certificate from my lan and internet. http works fine, but https just doesnt want to play. I have no idea how to fix it. The settings for the virtual host is the same for port 80 and port 443. The error message I get is that it takes to long for the host to answer.

It works fine from localhost, but any other host only http works.

Please help!

Port forwarding for port 443?
Firewall settings?

Yes, portforwarding for port 443 is done and there is no firewall on the windows host, on the router it's open. Thing is, it doesnt even work from my lan wich makes me think its not the router/firewall.

Please show us the following information:
- vhost configuration
- Apache access.log entries
- Apache error.log entries

Maybe a browser debugging panel like the chrome web dev toolbars network tab can help analyse the request and response.

We need much more information, please provide the public Servername (Domain) of your site. Also tell us your router. Some routers reserve port 443 for external administration.

If i edit my host file on a lan computer to point to the local ip of the server, it works. But now I'm even more baffeled. But I have found one thing being even more strange, the certificate is valid when browsing from the localhost, but invalid on the computer with the edited hosts file. But it doesnt stop there, from my mac, the certificate is valid using safari, but unvalid using firefox and chrome?

the domain is vovsing.se

Router is Nighthawk X4S R7800, remote configuration is disabled.

vhost configuration is in the httpd-ssl.config file:

Listen *:443
<VirtualHost *:443>
# General setup for the virtual host
DocumentRoot "E:/xampp/htdocs/prestashop"
ServerName vovsing.se
ServerAdmin admin@example.com
ErrorLog "E:/xampp/apache/logs/error.log"
TransferLog "E:/xampp/apache/logs/access.log"

SSLEngine on


Access.log entries:
192.168.0.166 - - [06/Oct/2020:18:11:45 +0200] "GET / HTTP/1.1" 200 45061
192.168.0.166 - - [06/Oct/2020:18:11:46 +0200] "GET /themes/classic/assets/css/custom.css HTTP/1.1" 200 91
192.168.0.166 - - [06/Oct/2020:18:11:50 +0200] "GET / HTTP/1.1" 301 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_16_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36"
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET / HTTP/1.1" 200 45061
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /themes/classic/assets/css/theme.css HTTP/1.1" 200 190126
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /js/jquery/ui/themes/base/minified/jquery-ui.min.css HTTP/1.1" 200 25722
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_imageslider/css/homeslider.css HTTP/1.1" 200 1158
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /themes/classic/assets/css/custom.css HTTP/1.1" 200 91
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /js/jquery/ui/themes/base/minified/jquery.ui.theme.min.css HTTP/1.1" 200 13654
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /themes/core.js HTTP/1.1" 200 117979
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /themes/classic/assets/js/theme.js HTTP/1.1" 200 173185
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_emailsubscription/views/js/ps_emailsubscription.js HTTP/1.1" 200 1997
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_imageslider/js/responsiveslides.min.js HTTP/1.1" 200 3397
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_imageslider/js/homeslider.js HTTP/1.1" 200 1840
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /js/jquery/ui/jquery-ui.min.js HTTP/1.1" 200 227922
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_searchbar/ps_searchbar.js HTTP/1.1" 200 1206
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_shoppingcart/ps_shoppingcart.js HTTP/1.1" 200 2028
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /themes/classic/assets/js/custom.js HTTP/1.1" 200 90
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /img/logo.png HTTP/1.1" 200 1831
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /2-home_default/hummingbird-printed-t-shirt.jpg HTTP/1.1" 200 6914
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_imageslider/images/sample-1.jpg HTTP/1.1" 200 234051
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_imageslider/images/sample-2.jpg HTTP/1.1" 200 194743
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_imageslider/images/sample-3.jpg HTTP/1.1" 200 352616
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /3-home_default/the-best-is-yet-to-come-framed-poster.jpg HTTP/1.1" 200 8986
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /4-home_default/the-adventure-begins-framed-poster.jpg HTTP/1.1" 200 8293
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /5-home_default/today-is-a-good-day-framed-poster.jpg HTTP/1.1" 200 8031
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /21-home_default/brown-bear-printed-sweater.jpg HTTP/1.1" 200 7405
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /6-home_default/mug-the-best-is-yet-to-come.jpg HTTP/1.1" 200 6609
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /7-home_default/mug-the-adventure-begins.jpg HTTP/1.1" 200 6394
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /8-home_default/mug-today-is-a-good-day.jpg HTTP/1.1" 200 5994
192.168.0.166 - - [06/Oct/2020:18:11:51 +0200] "GET /modules/ps_banner/img/sale70.png HTTP/1.1" 200 286053
192.168.0.166 - - [06/Oct/2020:18:11:52 +0200] "GET /themes/classic/assets/css/570eb83859dc23dd0eec423a49e147fe.woff2 HTTP/1.1" 200 44300
192.168.0.166 - - [06/Oct/2020:18:11:52 +0200] "GET /themes/classic/assets/css/19c1b868764c0e4d15a45d3f61250488.woff2 HTTP/1.1" 200 161480
192.168.0.166 - - [06/Oct/2020:18:11:52 +0200] "GET /themes/classic/assets/css/199038f07312bfc6f0aabd3ed6a2b64d.woff2 HTTP/1.1" 200 160208
192.168.0.166 - - [06/Oct/2020:18:11:52 +0200] "GET /js/jquery/ui/themes/base/minified/images/ui-bg_flat_75_ffffff_40x100.png HTTP/1.1" 200 74
192.168.0.166 - - [06/Oct/2020:18:11:57 +0200] "GET / HTTP/1.1" 200 45061
199.244.88.132 - - [06/Oct/2020:18:12:53 +0200] "GET / HTTP/1.1" 302 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36"
192.168.0.166 - - [06/Oct/2020:18:13:31 +0200] "POST /admin083qegtpn/index.php/common/notifications?_token=OzPnkq8v8LFfEeMW-kTPM1SZ2PoObVuJt47VnusXPwk&rand=1602000811657 HTTP/1.1" 200 2465
192.168.0.100 - - [06/Oct/2020:18:13:44 +0200] "POST /admin083qegtpn/index.php/common/notifications?_token=9DCEktyP4RezHVcgbsiIoWBWXfzxUkeXYW3NIJbEeqM&rand=1602000824632 HTTP/1.1" 200 2465
192.168.0.100 - - [06/Oct/2020:18:13:45 +0200] "POST /admin083qegtpn/index.php/common/notifications?_token=9DCEktyP4RezHVcgbsiIoWBWXfzxUkeXYW3NIJbEeqM&rand=1602000825620 HTTP/1.1" 200 2465

Theres not much in the error log
Tue Oct 06 18:22:46.922798 2020] [core:warn] [pid 1184:tid 556] AH00098: pid file E:/xampp/apache/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run?
[Tue Oct 06 18:22:46.969798 2020] [mpm_winnt:notice] [pid 1184:tid 556] AH00455: Apache/2.4.46 (Win64) OpenSSL/1.1.1g PHP/7.2.33 configured -- resuming normal operations
[Tue Oct 06 18:22:46.969798 2020] [mpm_winnt:notice] [pid 1184:tid 556] AH00456: Apache Lounge VC15 Server built: Aug 4 2020 11:50:23
[Tue Oct 06 18:22:46.969798 2020] [core:notice] [pid 1184:tid 556] AH00094: Command line: 'e:\\xampp\\apache\\bin\\httpd.exe -d E:/xampp/apache'
[Tue Oct 06 18:22:46.971790 2020] [mpm_winnt:notice] [pid 1184:tid 556] AH00418: Parent: Created child process 2804
[Tue Oct 06 18:22:47.662791 2020] [mpm_winnt:notice] [pid 2804:tid 748] AH00354: Child: Starting 150 worker threads.

You have problem with your provider or your router.

Open a terminal and run a ping command:

Code: Select all

ping vovsing.se

You wlll see, that it stucks. It displays the IP (83.233.125.98) and then it times out. You may also try this:

Code: Select all

ping 83.233.125.98

Same thing as above - only a single response, then: hanging.

Clearly:

1) Its NOT a Xampp problem at all.

2) It seems to be a router problem, and/or a provider problem.

I cannot help any further on that, as i have no access to your computer. But the problem is not any Xampp configuration, as already "ping" does not run satisfying.

I'm really happy for you guys taking your time with this. Answering ICMP (ping) was disabled on my router. I have enabled it for testing purposes now.

I have found in forums there seems to be an issue with my router and the port 443. Im not alone and I have not found a solution.

Zulan wrote:I have found in forums there seems to be an issue with my router and the port 443. Im not alone and I have not found a solution.

But I have found a solution

I've disabled both usb and remote management which opens up 443, will disable one / both to see which one it is exactly.

from https://community.netgear.com/t5/Nighth ... -p/1844573

Actually, thats precisely what i already mentioned in my posting above, the router reserves port 443 for external administration. Obviously you disabled either the "wrong" one or you should disable both (usb and remote, i dont know).

P.S.: I just ran a portscan on 83.233.125.98 with my smartphone, only port 80 is open on your router. That gives me the insight, that you might have disabled "remote" administration - but probably not via USB. It sounds somewhat weird "via USB", but actually you easily can run TCPIP via USB using a proper adapter (there are plenty of adapters at Amazon). I think, you should disable via USB also. Unfortunately i dont know your router and have no idea about the admin menu. But you should find out on yourself, where to configure the external administration.

I definitely think you are on the right track. I have spent several hours disabling everything on my router trying to get this to work. UpNP, remote admin, USB and VPN is now all disabled. I think there might be a problem with the firmware or that I need to reset the router and try again. Restarting it doesn't help. I will try to reset it tonight, and if that doesnt work I'll try using my old router and see if that helps.

Also ask Netgear for support, its their router and the weird behaviour. If nothing helps - get another router. I have at least 2 routers flying around in my home which I wont use anymore. But i think you live in sweden(?), it might be easier to get a used router in sweden on Ebay. Any Fritzbox (well known in Germany, the manufactor is AVM www.avm.de) will do the job.

Guys, thank you for excellent support! Problem is solved, resetting the router loosing all settings and setting it up exactly the same way as before solved the issue. I didnt want to use the exported configuration but took screen shots configured it like it was. The weird problem with the certficiate only beeing valid on localhost is gone.

It's not something I'm expecting an answer for, but how did safari work? I'm pretty sure it didn't, but still it said the certificate was valid. I am running a beta of osx so it might be ok.