We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
port 8083 refused
-
- Posts: 12
- Joined: Sun Sep 03, 2017 5:43 pm
- Contact:
- Os: Debian 7x
- Web: apache + nginx
port 8083 refused
Hi,
I have a problem since today (i have checked today).
if i go to https://mydomain:8083 get i connection refused but evertying else work just fine includes remote db.
I have checked if port 8083 was closed by a portchecker website and it says yes it is closed but in my firewall (iptables) is it open. I have added a new rule and saved but it says again is closed...
What did i wrong?
I use vestacp on debian 8.
I have a problem since today (i have checked today).
if i go to https://mydomain:8083 get i connection refused but evertying else work just fine includes remote db.
I have checked if port 8083 was closed by a portchecker website and it says yes it is closed but in my firewall (iptables) is it open. I have added a new rule and saved but it says again is closed...
What did i wrong?
I use vestacp on debian 8.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: port 8083 refused
Did you try restarting VestaCP ?
or try rebooting your server once
Are you hosting this VPS on a cloud platform like Digital Ocean, AWS, Google Cloud or something ? if so, they usually have their own firewall that you have to also open and forward ports.
Code: Select all
systemctl restart vesta
Are you hosting this VPS on a cloud platform like Digital Ocean, AWS, Google Cloud or something ? if so, they usually have their own firewall that you have to also open and forward ports.
-
- Posts: 12
- Joined: Sun Sep 03, 2017 5:43 pm
- Contact:
- Os: Debian 7x
- Web: apache + nginx
Re: port 8083 refused
it works fine 2 days ago but i changed my hostname. I host it on a VPS from host4fun so i have my own firewall. port is open in iptables but everywhere closed and multi times rebooted
-
- Posts: 12
- Joined: Sun Sep 03, 2017 5:43 pm
- Contact:
- Os: Debian 7x
- Web: apache + nginx
Re: port 8083 refused
I have fixed was a SSL problem where vesta wont start.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: port 8083 refused
yeah... that was my first suspect, that VestaCP Web Service is not running and listening on that port.
Glad you fixed it.
Please mark the topic solved by ticking the sign to green.
Glad you fixed it.
Please mark the topic solved by ticking the sign to green.
-
- Posts: 14
- Joined: Sun Sep 24, 2017 6:00 am
Re: port 8083 refused
Could you possibly elaborate on your issue/fix? I've just ran into a similar problem. I recently changed the servers hostname and SSL certificates as they were incorrectly setup during installation and the certificate wasn't pointing to the correct domain so emails were throwing up insecure warnings.. Everything seemed to be working fine after I changed and updated the details.slaapkopamy wrote:I have fixed was a SSL problem where vesta wont start.
I was still able to access the vestaCP on port 8083...
I came to check on the control panel today on same port and I get err connection refused.
I attempted to do a manual restart of vesta via terminal by typing
Code: Select all
service vesta restart
Clearly I've misconfigured something to do with the SSL keys stopping vestaCP from accepting connections. I'm not quite sure why this issue didn't surface straight away as the webserver has remained in the same state as it did when I first made the changes I think the only thing that has changed since is the IP I'm connecting to the server from but that shouldn't be an issue as I imagine the 8083 port isn't restricted to a specific IP as that would require accessing the control panel from a static IP all the time...Code: Select all
[....] Restarting vesta-nginx: vesta-nginxnginx: [emerg] SSL_CTX_use_PrivateKey_file("/usr/local/vesta/ssl/certificate.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
Hopefully someone can point me in the right direction here?
Thanks
-
- Posts: 14
- Joined: Sun Sep 24, 2017 6:00 am
Re: port 8083 refused
Managed to get it working (not sure if the fix is a permenant solution or if it just managed to get the control panel accessible again but hopefully at the bare minimum its repeatable if the issue persists until a full fix is found)JakeTheDog420 wrote:Could you possibly elaborate on your issue/fix? I've just ran into a similar problem. I recently changed the servers hostname and SSL certificates as they were incorrectly setup during installation and the certificate wasn't pointing to the correct domain so emails were throwing up insecure warnings.. Everything seemed to be working fine after I changed and updated the details.slaapkopamy wrote:I have fixed was a SSL problem where vesta wont start.
I was still able to access the vestaCP on port 8083...
I came to check on the control panel today on same port and I get err connection refused.
I attempted to do a manual restart of vesta via terminal by typingand I got the following error backCode: Select all
service vesta restart
Clearly I've misconfigured something to do with the SSL keys stopping vestaCP from accepting connections. I'm not quite sure why this issue didn't surface straight away as the webserver has remained in the same state as it did when I first made the changes I think the only thing that has changed since is the IP I'm connecting to the server from but that shouldn't be an issue as I imagine the 8083 port isn't restricted to a specific IP as that would require accessing the control panel from a static IP all the time...Code: Select all
[....] Restarting vesta-nginx: vesta-nginxnginx: [emerg] SSL_CTX_use_PrivateKey_file("/usr/local/vesta/ssl/certificate.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
Hopefully someone can point me in the right direction here?
Thanks
First step is to find a working set of SSL keys. I wasn't sure where to find these or but I re-issued my command v-add-letsencrypt-domain mydomain.com alias.mydomain.com serverip hoping that it would work.
Now when that didn't work and I saw the error was about an SSL mismatch my assumption was maybe the command is issuing new keys but not updating the server so the wrong keys were getting used...
The directory with the keys that are created upon the v-add command is /home/[USER]/[YOURDOMAIN]/conf/web/
Here you will find at least one .key and one .crt file.
I actually had 8files all with the SSL prefix.
Choosing which one to use felt like mostly guess work as it seems that it generated seperate ssl keys for each of my domains I specified even though one was a subdomain and the other was my server IP and they were supposed to be made as an alias.. I decided to go with my subdomain key and crt file.
I then proceeded to make a backup of the current SSL files vesta was referring to. I did this twice once locally on the server and then again externally on my local machine. I used SSH to make the backup files.
CD to /usr/local/vesta/ssl/
cp certificate.crt certificate.crt.bkup
cp certificate.key certificate.key.bkup
Then you can FTP into your server and go to the same directory and download either the original or the backup files to your local machine. They should be the same so eithers fine. Then proceed to delete the original cert.key and cert.crt files leaving only the .bkups on your server.
From here return to your SSH terminal session and change directory again if you're in the vesta/ssl directory back to your user directory which contains your SSL keys.
Simply copy them over using the cp command again example below:
cp subdomain.domain.com.crt /usr/local/vesta/ssl/certificate.crt
cp subdomain.domain.com.key /usr/local/vesta/ssl/certificate.key
This will create a copy with the correct name in the vesta ssl directory.
Last step is simply to restart the vestaCP service and prey that you get the OK on both nginx and vestaphp service's this time!
I can confirm this fixed my mismatch and allowed the vesta service to restart. Once restarted my serverIP:8083 was accessible again however displayed a SSL insecure warning showing the certificate is registered to my subdomain.
I can also confirm if I access the vesta control panel via subdomain.domain.com:8083 I go straight to the login page and see a green padlock confirming the page is being loaded securely.
Hopefully this fixes it if anyone else runs into similar problems! Shame this forum isn't more active I feel like vesta has a lot to offer but without an active community many people probably move to cpanel or possibly even other free options with more active communities.. Anyway I'll post this in the other places I saw similar issues where I posted looking for help here so maybe it can help others (Y)