Webmail with HTTPS not working

ahmedhaseeb · April 2, 2024, 11:15am

I have recently install hestiacp on my VPS server Ubuntu(22.04) pretty much everything is working fine but i am not able to access webmail with
https://webmail.example.com

when i turns off ssl for mail domain it works fine i am to access
http://webmail.example.com

but with the ssl for mail domain on it stops working the web page just keep loading and then timeout

Any help is appreciated
Thank you

eris · April 2, 2024, 12:34pm

Are you using Cloudflare?

ahmedhaseeb · April 2, 2024, 12:58pm

Yes i am using cloudflare nameservers and i have added all the records from DNS zone to the cloudflare DNS and have not proxied the webmail, mail domain
both webmail and mail domain are pointing to IP address of the server

linkp · April 2, 2024, 4:20pm

The webmail hostname doesn’t need to be DNS Only as it is only used for web traffic. You will want ensure that you have a valid certificate installed on your HestiaCP server (Lets Encrypt is fine) and your Cloudflare encryption is set to Full (strict).

Keep the mail hostname as DNS Only.

ahmedhaseeb · April 2, 2024, 5:13pm

OK i keep the mail as DNS only and webmail to be proxy by cloudflare but the issue is still the same Connection timed out.

If i turn uncheck enable ssl for this domain then i am able to access the roundcube/snappymail

ahmedhaseeb · April 2, 2024, 5:13pm

If i turn uncheck enable ssl for this domain then i am able to access the roundcube/snappymail

sahsanu · April 2, 2024, 5:19pm

The port 443 is closed in your server. There is no firewall rule to accept incoming connections to port 443 or nginx is not starting correctly.

Show the output of these commands (as root):

v-list-firewall
systemctl status nginx --no-pager -l

ahmedhaseeb · April 2, 2024, 5:38pm

Output of

v-list-firewall
systemctl status nginx --no-pager -l

ahmedhaseeb · April 2, 2024, 5:40pm

Works fine after i turns of the SSL for mail domain without https

sahsanu · April 2, 2024, 5:42pm

Active the ssl again and once done check if nginx is listening on port 443.

lsof -Pn +c0 -i:443 -sTCP:LISTEN

Also, check if your server provider has an external firewall.

ahmedhaseeb · April 2, 2024, 6:30pm

nginx is listening fine on port 443 i think 443 is blocked by my vps provider or provider firewall.
Let me check with the server provider.

sahsanu · April 2, 2024, 8:24pm

Ok, also check whether ufw (default Ubuntu’s firewall manager) is active in your Ubuntu server.

ufw status

And if it is, disable it:

ufw disable

ahmedhaseeb · April 3, 2024, 6:39am

The issue has bee resolved.

443 was block by the server provider and this is super weird why they block very common port.

Ubuntu default firewall manager is not installed

ufw status

eris · April 4, 2024, 11:53am

If it is blocked by your provider check their firewall settings

system · May 4, 2024, 11:54am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.