    -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT

Removed masquerading with:

    >sudo firewall-cmd --zone=public --remove-masquerade --permanent

    inet6 fe80::213b:4f37:7851:a058/64 scope link noprefixroute
    3: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    valid_lft 81698sec preferred_lft 81698sec

/etc/hosts maps 10.0.0.10 to the host name

pinging the host name gets a response

    >ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

I suspect that the issue here is my self-signed SSL cert which is known to nginx but not known to firewalld, but I can't seem to find anything that shows how to point firewalld to my CA cert.

Besides:

    sudo systemctl disable firewalld

Any suggestions to get firewalld to accept my SSL connections?

I've also tried turning on firewalld logging, but even at log level 10 with all denied, I don't get an entry in the log, after firewalld has started, about the attempted connection.

I've tried turning off selinux with:

    sudo setenforce 0

But same result - https connections are refused when firewalld is enabled.

Which gets me to the point where http works but not https when firewalld is enabled.

    services: dhcpv6-client http https mdns ssh

So now:

    >sudo firewall-cmd --get-default-zone
    >sudo firewall-cmd --zone=public --add-masquerade --permanent
    >sudo firewall-cmd --zone=public --add-service=http --permanent
    >sudo firewall-cmd --zone=public --add-service=https --permanent

I had configured firewalld for http and https as follows:

    >sudo firewall-cmd --set-default-zone=public

So the issue seems to be my firewalld configuration.

Then I can connect using http but cannot connect using https and get a 'Can't connect to Server' error.

If I start firewalld with

    sudo systemctl start firewalld

Then I connect using http and https from a remote system and get default Welcome to Nginx page.
If I stop firewalld with:

    sudo systemctl stop firewalld

I get a connection refused / can't Connect to server when I try and open an SSL connection to nginx.

I'm battling with firewalld and SSL on Fedora 29 workstation.