I'm trying to set up a Nextcloud server to listen on a non-standard port over SSL on Apache2.
OS: Debian 9.9.0
uname -a: Linux cactuar 4.9.0-11-amd64 #1 SMP Debian 4.9.189-3+deb9u2 (2019-11-11) x86_64 GNU/Linux
apache -v: Apache/2.4.25 (Debian)
php --version: PHP 7.3.11-1+0~20191026.48+debian9~1.gbpf71ca0 (cli) (built: Oct 26 2019 14:18:28) ( NTS )
My sites-available currently activated:
NameVirtualHost 0.0.0.0:7580
<VirtualHost *:7580>
    DocumentRoot /var/www/nextcloud
    ServerName cloud.example.com
    <Directory "/var/www/nextcloud">
        allow from all
        Options None
        Require all granted
    </Directory>
    SSLEngine on
    SSLProtocol +TLSv1.1 +TLSv1.2
    SSLCertificateFile /var/cloud_ssl/certificate.crt
    SSLCertificateKeyFile /var/cloud_ssl/private.key
    SSLVerifyClient none
    LogLevel info
    SSLCACertificateFile /var/cloud_ssl/ca_bundle.crt
</VirtualHost>
When I try to access my site on https://cloud.example.com:7580 I get:
Internal Server Error
The server encountered an internal error and was unable to complete your request.
Please contact the server administrator if this error reappears multiple
times, please include the technical details below in your report.
More details can be found in the server log.
The apache2 error log is set for debug level and contains the following on my request:
[Tue Dec 24 11:39:12.283854 2019] [ssl:info] [pid 23619] [client 10.10.0.1:3616] AH01964: Connection to child 0 established (server cloud.example.com:443)
[Tue Dec 24 11:39:12.284437 2019] [ssl:info] [pid 23620] [client 10.10.0.1:17338] AH01964: Connection to child 1 established (server cloud.example.com:443)
[Tue Dec 24 11:39:13.177501 2019] [watchdog:debug] [pid 23880] mod_watchdog.c(563): AH02980: Watchdog: nothing configured?
[Tue Dec 24 11:39:32.611925 2019] [reqtimeout:info] [pid 23620] [client 10.10.0.1:17338] AH01382: Request header read timeout
My apache2 is behind pfSense with 7580 NAT'd to this specific machine.
My ports.conf:
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen *:7580
<IfModule ssl_module>
    Listen 7580
</IfModule>
<IfModule mod_gnutls.c>
    Listen 7580
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
The access.log file is empty.
The other_vhosts_access.log looks like:
cloud.example.com:443 10.10.0.1 - - [24/Dec/2019:11:39:12 -0600] "GET /index.php HTTP/1.1" 500 3780 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
cloud.example.com:443 10.10.0.1 - - [24/Dec/2019:11:39:32 -0600] "-" 408 3274 "-" "-"
So it looks like even though I'm appending :7580 to the URL it's still trying to access the server on 443.
Is there anything you see in my config or anything you think I can try? I'm extremely confused.
Thanks.