Webmail with HTTPS not working

I have recently install hestiacp on my VPS server Ubuntu(22.04) pretty much everything is working fine but i am not able to access webmail with
https://webmail.example.com

when i turns off ssl for mail domain it works fine i am to access
http://webmail.example.com

but with the ssl for mail domain on it stops working the web page just keep loading and then timeout

Any help is appreciated
Thank you

Are you using Cloudflare?

1 Like

Yes i am using cloudflare nameservers and i have added all the records from DNS zone to the cloudflare DNS and have not proxied the webmail, mail domain
both webmail and mail domain are pointing to IP address of the server

The webmail hostname doesn’t need to be DNS Only as it is only used for web traffic. You will want ensure that you have a valid certificate installed on your HestiaCP server (Lets Encrypt is fine) and your Cloudflare encryption is set to Full (strict).

Keep the mail hostname as DNS Only.

1 Like

OK i keep the mail as DNS only and webmail to be proxy by cloudflare but the issue is still the same Connection timed out.

If i turn uncheck enable ssl for this domain then i am able to access the roundcube/snappymail

If i turn uncheck enable ssl for this domain then i am able to access the roundcube/snappymail

The port 443 is closed in your server. There is no firewall rule to accept incoming connections to port 443 or nginx is not starting correctly.

Show the output of these commands (as root):

v-list-firewall
systemctl status nginx --no-pager -l
2 Likes

Output of

v-list-firewall
systemctl status nginx --no-pager -l

Works fine after i turns of the SSL for mail domain without https

Active the ssl again and once done check if nginx is listening on port 443.

lsof -Pn +c0 -i:443 -sTCP:LISTEN

Also, check if your server provider has an external firewall.

2 Likes

nginx is listening fine on port 443 i think 443 is blocked by my vps provider or provider firewall.
Let me check with the server provider.

1 Like

Ok, also check whether ufw (default Ubuntu’s firewall manager) is active in your Ubuntu server.

ufw status

And if it is, disable it:

ufw disable

The issue has bee resolved.

443 was block by the server provider and this is super weird why they block very common port.

Ubuntu default firewall manager is not installed

ufw status

2 Likes

If it is blocked by your provider check their firewall settings