Website Returns 521 Error (OpenSSL/1.1.0g) Issue

February 18, 2019 491 views
Apache Ubuntu

I've been trying to get SSL running on my domain. I believe I have Apache set up properly and installed Lets Encrypt using DO's official tutorial. Before the websiter is working correctly with http and https requests but now i everytime get sich kind of 521 error (web servber is down): http://prntscr.com/mmpehl

Also I check all ports and here is the info: http://prntscr.com/mmp9c6
Also I cehck the log and see this:

[Mon Feb 18 06:25:05.241057 2019] [mpm_prefork:notice] [pid 17889] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.0g configured -- resuming normal operations
[Mon Feb 18 06:25:05.241126 2019] [core:notice] [pid 17889] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 18 06:41:57.739447 2019] [mpm_prefork:notice] [pid 17889] AH00169: caught SIGTERM, shutting down
[Mon Feb 18 06:41:57.923695 2019] [mpm_prefork:notice] [pid 26327] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.0g configured -- resuming normal operations
[Mon Feb 18 06:41:57.923795 2019] [core:notice] [pid 26327] AH00094: Command line: '/usr/sbin/apache2'
[Mon Feb 18 07:38:40.007136 2019] [mpm_prefork:notice] [pid 26327] AH00169: caught SIGTERM, shutting down
[Mon Feb 18 07:38:40.182897 2019] [mpm_prefork:notice] [pid 27472] AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.0g configured -- resuming normal operations
[Mon Feb 18 07:38:40.182996 2019] [core:notice] [pid 27472] AH00094: Command line: '/usr/sbin/apache2'

If you can help me understand what needs to be done to fix this issue I would greatly appreciate it.

Maybe something wrong with files from this directory: /etc/apache2/sites-available/ ?

Thank in advance.

3 Answers
jarland MOD February 18, 2019
Accepted Answer

Hey friend,

I might suggest that the server isn't responding to external requests on port 443. What happens if you run this inside the droplet?

curl -I https://localhost

If you get "Connection refused" then you know Apache isn't listening on 443, and I would go over that LetsEncrypt tutorial again and see if any steps may have been missed or if an error occurred along the way that was just easily overlooked.

If you get headers and not connection refused, I might suggest that the problem exists outside of the droplet, given that the ports are clearly open in your firewall. Perhaps DNS propagation and your browser is trying to load from a different server?

Jarland

Have another answer? Share your knowledge.