I may have figured it out (it's been a 3 hour ordeal so far.) I was using netcat to test 443 using LAN and WAN machines, and all was going well.
At some point a few minutes ago, I realized that this software uses port 8080, not the standard 443. I think maybe it's time to jump in a freezing river or something like that. Well, hopefully that was the problem. I can't change the router settings until late tonight. Tim Legg ----- Original Message ----- From: Tim Legg Sent: 10/10/13 05:24 PM To: openssl-users@openssl.org Subject: Broken implementation of OpenSSL Hello, I was following a HOWTO document: http://www.howtoforge.com/perfect-server-ubuntu-12.04-lts-apache2-bind-dovecot-ispconfig-3 In the last step, I should have a control panel application (ISPConfig 3) launching when accessed with https://www.example.com:8080 but instead, I get a connection refused. So I decided to use wget to help diagnose the issue. I had some success with wget, but only when using --no-check-certificate. Here are a few cases: wget https://www.example.com:8080 --2013-10-10 13:50:06-- https://www.example.com:8080/ Resolving www.example.com (www.example.com)... 76.10.x.x Connecting to www.example.com (www.example.com)|76.10.x.x|:8080... failed: Connection refused. wget https://localhost:8080 --2013-10-10 13:50:56-- https://localhost:8080/ Resolving localhost (localhost)... 127.0.0.1 Connecting to localhost (localhost)|127.0.0.1|:8080... connected. ERROR: cannot verify localhost's certificate, issued by `/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd': Sel f-signed certificate encountered. ERROR: certificate common name `' doesn't match requested host name `localhost'. To connect to localhost insecurely, use `--no-check-certificate'. wget --no-check-certificate https://localhost:8080 --2013-10-10 13:51:39-- https://localhost:8080/ Resolving localhost (localhost)... 127.0.0.1 Connecting to localhost (localhost)|127.0.0.1|:8080... connected. WARNING: cannot verify localhost's certificate, issued by `/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd': Self-signed certificate encountered. WARNING: certificate common name `' doesn't match requested host name `localhost'. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: `index.html' 2013-10-10 13:51:39 (9.65 MB/s) - `index.html' saved [9199] I have a feeling that this would be an 'easy' problem. I don't have skill in how SSL operates or how it is expected to behave This is very similar to a thread I posted on the forum for ISPConfig. I came here since this community has expertise in encryption problems. The link to my question at ISPConfig's forum is here: http://www.howtoforge.com/forums/showthread.php?p=303779 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
