Home / server / Questions / 895580
Accepted
cclloyd
Asked: 2018-02-05 02:23:52 +0800 CST

Open 443 on Google Compute Instance?

  • 772

For some reason I can't open port 443 on my google compute instance. I have HTTPS server enabled on the instance, and using gcloud compute firewall-rules list returns the rules below:

NAME                    NETWORK  DIRECTION  PRIORITY  ALLOW                         DENY
default-allow-http      default  INGRESS    1000      tcp:80
default-allow-https     default  INGRESS    1000      tcp:443
default-allow-icmp      default  INGRESS    65534     icmp
default-allow-internal  default  INGRESS    65534     tcp:0-65535,udp:0-65535,icmp
default-allow-rdp       default  INGRESS    65534     tcp:3389
default-allow-ssh       default  INGRESS    65534     tcp:22

Yet when I check to see if the port is open using something like nmap it says it's closed.

PORT     STATE  SERVICE
22/tcp   open   ssh
443/tcp  closed https

Edit: Here's my nginx conf file for that site. https://gist.github.com/cclloyd/e7f1183f3a018dbc32cd7c55e15375cf

https

1 Answers

  1. Best Answer

    Check if application running

    You need to check if there is actually an application, running on your instance, that listening to 443 port.

    sudo netstat -plnt

    E.g. if there is nginx service running, and configured to listen 443 port, you will see something like this

    Proto Local Address           Foreign Address         State       PID/Program name
tcp   0.0.0.0:443             0.0.0.0:*               LISTEN      2742/nginx -g daemo

    Check firewall rules association

    You also can check that your firewall rule and your instance has appropriate tags:

    Check firewall rule targetTags:

    $ gcloud compute firewall-rules describe default-allow-https --format="value(targetTags)"

    Should output "https-server"

    Check instance tags:

    $ gcloud compute instances describe %INSTANCE_NAME% --format="value(tags.items)"

    Should output "https-server" as well.

    • 5