I am currently having some problems at work with having our website under SSL and using port 443. I found this website that checks the status of your server. It says that port 443 is closed.

    Port 443 is closed on xx.xxx.xx.xxx.

After a while I tried everything and I don't know what I am doing wrong.
netstat shows this:

    sudo netstat -anltp | grep LISTEN
    tcp 0 0 0.0.0.0:993 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:995 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:8081 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
    tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN

And:

    netstat -nap | grep 443
    tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 27898/nginx
    tcp 1 0 127.0.0.1:34371 127.0.0.1:443 CLOSE_WAIT 25998/openssl

Supposedly nginx is listening on that port, right?
Looks that way, because if I use an openssl client I get:

    openssl s_client -connect 127.0.0.1:443
    CONNECTED(00000003)

But when I try to reach my server from the outside using port 443, I get a connection timeout.

    openssl s_client -connect xx.xx.xx.xx:443
    connect: Connection timed out
    connect:errno=110

And here are the iptables rules:

    sudo iptables -L
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT tcp -- anywhere anywhere tcp dpt:https

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT tcp -- anywhere anywhere tcp dpt:https

    Chain ufw-after-forward (0 references)
    target prot opt source destination

    Chain ufw-after-input (0 references)
    target prot opt source destination

    Chain ufw-after-logging-forward (0 references)
    target prot opt source destination

    Chain ufw-after-logging-input (0 references)
    target prot opt source destination

    Chain ufw-after-logging-output (0 references)
    target prot opt source destination

    Chain ufw-after-output (0 references)
    target prot opt source destination

    Chain ufw-before-forward (0 references)
    target prot opt source destination

    Chain ufw-before-input (0 references)
    target prot opt source destination

    Chain ufw-before-logging-forward (0 references)
    target prot opt source destination

    Chain ufw-before-logging-input (0 references)
    target prot opt source destination

    Chain ufw-before-logging-output (0 references)
    target prot opt source destination

    Chain ufw-before-output (0 references)
    target prot opt source destination

    Chain ufw-reject-forward (0 references)
    target prot opt source destination

    Chain ufw-reject-input (0 references)
    target prot opt source destination

    Chain ufw-reject-output (0 references)
    target prot opt source destination

    Chain ufw-track-input (0 references)
    target prot opt source destination

    Chain ufw-track-output (0 references)
    target prot opt source destination

Any suggestion would be appreciated.
Thank you.
UPDATE: I forgot to mention that no firewall is actually running:

    ufw status
    Status: inactive
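
Added example, not part of the original post: the post's two checks (which address the port is bound to, and how a connect attempt ends) written as Python functions. `listen_scope`, `probe` and the sample rows are names and data constructed for this illustration.

```python
import socket

# Constructed sample in `netstat -anltp` layout; the 8443 row is invented for contrast.
SAMPLE_NETSTAT = """\
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 27898/nginx
tcp 0 0 127.0.0.1:8443 0.0.0.0:* LISTEN 27898/nginx
"""

def listen_scope(netstat_text, port):
    """Report which addresses a TCP port is bound to, from netstat LISTEN rows."""
    scopes = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith("tcp") or f[5] != "LISTEN":
            continue
        addr, _, p = f[3].rpartition(":")
        if p != str(port):
            continue
        if addr in ("0.0.0.0", "::", "*"):
            scopes.add("all-interfaces")      # bound to every local address
        elif addr.startswith("127.") or addr == "::1":
            scopes.add("loopback-only")       # a remote client can never reach it
        else:
            scopes.add("specific-address")
    for scope in ("all-interfaces", "specific-address", "loopback-only"):
        if scope in scopes:
            return scope
    return "not-listening"

def probe(host, port, timeout=5.0):
    """Classify one IPv4 TCP connect attempt as open, refused, timeout or error."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"                         # handshake completed
    except ConnectionRefusedError:
        return "refused"                      # RST came back: no listener, or a REJECT rule
    except (socket.timeout, TimeoutError):
        return "timeout"                      # no reply (errno 110 on Linux): dropped or host down
    except OSError as exc:
        return "error:%s" % exc.errno
    finally:
        sock.close()

if __name__ == "__main__":
    print(listen_scope(SAMPLE_NETSTAT, 443), probe("127.0.0.1", 443, 2.0))
```

A port that reports `all-interfaces` and `open` locally but `timeout` from a remote machine is being dropped without a reply somewhere between the client and the listening socket, which is a different symptom from `refused`.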