cannot connect to new virtualmin service on port 10000, error "SSL error"

Submitted by responsiveny on Tue, 02/10/2015 - 08:34

Hi, Fresh install of VirtualMin Pro on AWS minimal Centos 6.5 x64 AMI from Centos.org

Install went fine with no errors.

Cannot connect to virtualmin on port 10000 to complete the install.

links shows:

Unable to retrieve https://localhost:10000 SSL error

I know webmin is running on 10000 because if I links to http port (80) I get message to try the https port.

Status: 
Closed (fixed)

Comments

Submitted by JamieCameron on Tue, 02/10/2015 - 19:15

What is the full error message you are seeing in your browser?

Also, which browser are you using?

Submitted by responsiveny on Tue, 02/10/2015 - 21:22

The browser is "links" on the cli of the VirtualMin server. I cannot connect remotely via port 10000

Submitted by andreychek on Tue, 02/10/2015 - 21:36

What happens if you remotely try to access port 10000?

Also, what is the output of these two commands:

netstat -an | grep :10000
iptables -L -n

Submitted by responsiveny on Tue, 02/10/2015 - 22:18

Trying to remote access from another computer via https times out.

Here is the result of the commands:

# netstat -an | grep :10000
tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      
udp        0      0 0.0.0.0:10000               0.0.0.0:*   
# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:20 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:21 
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:20000 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:10000 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:993 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:143 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:995 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:110 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:20 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:587 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25 
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Submitted by JamieCameron on Tue, 02/10/2015 - 22:38

The problem might be that links doesn't allow self-signed SSL certs by default, which is what Virtualmin generates at installation time.

Submitted by andreychek on Tue, 02/10/2015 - 22:40

Yeah, locally, links is likely not handling the self-signed SSL cert.

As far as why you can't access it remotely -- Virtualmin does appear to be running and listening for remote connections.

It doesn't appear that the firewall on your server would be blocking port 10000. Is it possible that your ISP is blocking that port?

Submitted by responsiveny on Tue, 02/10/2015 - 22:47

It was my fault. I didn't allow port 10000 inbound via the firewall. Thanks