SSL on custom port beside the hostname

ASghostKI

Hello,

I have a VPS with DirectAdmin, along with an app running on Docker on a custom port.
I have a subdomain pointing to my VPS IP, so I use http://sub.domain.com:XXXX to communicate with my app, and it's working correctly.
What I'm trying to do is add SSL to this so I can use https://sub.domain.com:XXXX

Note that the parent domain (of that sub) is on DirectAdmin too, and it already has a working wildcard Let's Encrypt certificate.
But when I hit https://sub.domain.com:XXXX I get ERR_SSL_PROTOCOL_ERROR
 
but when I hit the https://sub.domain.com:XXXX I get ERR_SSL_PROTOCOL_ERROR
Unless you proxy traffic to this custom port through apache or nginx, the only endpoint to perform the SSL handshake is your app. The app must have access to the certificate/key files, in order to present the (I'm guessing) DA-generated certificate. It could be related to cipher support in your app as well. I don't think we have enough information to provide any further help that doesn't involve wildly guessing. :) Some more logs would be useful.
 
Thanks for the answer, I will look into that. It seems weird to me because that same app was working for me earlier on a different server (DA also installed).
Anyway, what logs can I provide that would be useful?
 
The DirectAdmin error.log has this:

Code:
2020:11:08-18:12:02: Can't connect to ssl!
2020:11:08-18:12:02: ->syscall
2020:11:08-18:38:43: Can't connect to ssl!
2020:11:08-18:38:43: ->syscall
2020:11:09-01:09:40: Can't connect to ssl!
2020:11:09-01:09:40: ->syscall
2020:11:09-02:01:13: Can't connect to ssl!
2020:11:09-02:01:13: ->syscall
2020:11:09-02:44:19: Timeout (handshake_timeout=12) from 209.17.97.98 : last flagged: Sockets::handshake :
2020:11:09-03:03:37: Can't connect to ssl!
2020:11:09-03:03:37: ->syscall
2020:11:09-03:13:25: Can't connect to ssl!
2020:11:09-03:13:25: ->syscall
2020:11:09-07:20:10: Can't connect to ssl!
2020:11:09-08:04:48: Can't connect to ssl!
2020:11:09-08:19:52: Can't connect to ssl!
2020:11:09-08:19:52: ->syscall
2020:11:09-08:49:26: Can't connect to ssl!
2020:11:09-10:07:14: Can't connect to ssl!
2020:11:09-10:07:14: ->syscall
2020:11:09-10:40:19: Can't connect to ssl!
2020:11:09-10:40:19: ->syscall
2020:11:09-11:09:30: Can't connect to ssl!
2020:11:09-11:09:30: ->syscall
2020:11:09-12:36:26: Can't connect to ssl!
2020:11:09-12:36:26: ->syscall
2020:11:09-12:51:36: Can't connect to ssl!
2020:11:09-12:51:36: ->syscall
2020:11:09-13:32:49: Can't connect to ssl!
2020:11:09-13:32:49: ->syscall

I'm not really sure if it's related, but it seems it's not, because of those dates (I have only tried to connect to the app with https several times just now, and nothing gets added to the logs).
 
As long as the connection is between a client somewhere and your docker app, DirectAdmin and its software have nothing to do with any errors that may occur. If the client and your app can't talk to each other, then only the client or your app can tell you why. The client should be able to tell you if the certificate it receives from the app is not valid, and the client and app should be able to tell you if there's an issue with the handshake (e.g. can't agree on ciphers).
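
A client-side check of the kind the replies describe, as an added example that is not part of the original thread: it starts a verified TLS handshake against the app's port and reports whether the failure is a rejected certificate, a failed handshake, or a listener that only speaks plain HTTP. The function names `probe_tls` and `speaks_plain_http` are hypothetical, and the hostname and port are supplied by the caller.

```python
import socket
import ssl
import sys


def speaks_plain_http(host, port, timeout):
    """True if the listener answers an unencrypted HTTP request on this port."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(f"HEAD / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n".encode())
            return s.recv(16).startswith(b"HTTP/")
    except OSError:
        return False


def probe_tls(host, port, timeout=5.0):
    """Start a verified TLS handshake with host:port and classify the outcome."""
    ctx = ssl.create_default_context()  # system trust store, hostname check on
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "unreachable", str(exc)
    with raw:
        try:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return "tls-ok", f"{tls.version()} / {tls.cipher()[0]}"
        except ssl.SSLCertVerificationError as exc:
            # Handshake reached the certificate, but chain or name did not validate.
            return "bad-certificate", exc.verify_message
        except OSError as exc:
            # ssl.SSLError, resets and timeouts land here: no usable TLS endpoint.
            if speaks_plain_http(host, port, timeout):
                return "plaintext-http", "port answers HTTP without TLS"
            return "handshake-failed", str(exc)


if __name__ == "__main__":
    # Usage: python probe_tls.py <hostname> <port>
    if len(sys.argv) == 3:
        print(*probe_tls(sys.argv[1], int(sys.argv[2])), sep=": ")
```

A `plaintext-http` result means the app itself is not terminating TLS on that port, which is one situation in which browsers report ERR_SSL_PROTOCOL_ERROR; `bad-certificate` means the app is presenting a certificate the client does not accept for that hostname.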
 