Ballyhoot's picture

I'm using proxmox 7.1-7, Turnkey Linux WordPress containers 17.1-1. I have nginx proxy manager in front. No errors in Nginx logs. The issue started when I moved my websites to 17.1 from 16.1. I made the move because I needed php7.4. I still have 1 website on 16.1 and it works fine on all devices. Getting connection refused. Like it can't parse the response. I spun up a brand new container with no plugins installed to test, it does the same thing. I assume it has something to do with TLS. 

Apache System logs show this when an iOS device tries to connect:

Service [webmin] connected remote server from
transfer: s_poll_wait: TIMEOUTclose exceeded: closing
Connection closed: 578 byte(s) sent to TLS, 828 byte(s) sent to socket

Jeremy Davis's picture

I'm not 100% sure, but I suspect that you may be right. One way that you might be able to double check is if you can connect via plain http? (IIRC you should be able to access vanilla http if you explicitly browse to it).

FYI, we use the Mozilla SSL Configuration Generator "Intermediate" settings. It sounds like you might need the "Old" settings (that link should take you to a page that I've pre-filled Apache and OpenSSL versions and selected "old").

The parts from that which you'll want to copy are "SSLCipherSuite" and possibly "SSLProtocol" (you might also want to update "SSLHonorCipherOrder" too). The file on your server that you'll need to edit is /etc/apache2/mods-available/ssl.conf. Once you've updated as desired, then be sure to restart Apache:

systemctl restart apache2

Hopefully that helps?!

Add new comment