How should I resolve the following error message? (111)Connection refused: AH00957: HTTPS: attempt to connect to 127.0.0.1:5001 (127.0.0.1) failed
13,160
Try the following code that enables HTTPD scripts and modules to connect to the network.
/usr/sbin/setsebool -P httpd_can_network_connect 1
Related videos on Youtube
Comments
-
Connor Willoughby almost 2 years
As mentioned I am receiving the following error message in my apache logs.
[Sat Jun 22 12:57:53.746190 2019] [proxy:error] [pid 10299:tid 140435221571328] (111)Connection refused: AH00957: HTTPS: attempt to connect to 127.0.0.1:5001 (127.0.0.1) failed [Sat Jun 22 12:57:53.746228 2019] [proxy:error] [pid 10299:tid 140435221571328] AH00959: ap_proxy_connect_backend disabling worker for (127.0.0.1) for 60s [Sat Jun 22 12:57:53.746233 2019] [proxy_http:error] [pid 10299:tid 140435221571328] [client myip:65168] AH01114: HTTP: failed to make connection to backend: 127.0.0.1
When deploying with code-pipline I see no error messages.
I have tried all of the following;
- Restarting and rebuilding my application.
- Adjusting the launchSettings.json file in my ASP project.
- Adjusting the ports and enabling / disabling HTTPS redirect in my Program class.
- Adjusting my vhsosts file in apache.
Here are some important files for you to browse;
launchSettings.json
{ "iisSettings": { "windowsAuthentication": false, "anonymousAuthentication": true, "iisExpress": { "applicationUrl": "https://localhost:44335", "sslPort": 44335 } }, "profiles": { "IIS Express": { "commandName": "IISExpress", "launchBrowser": true, "environmentVariables": { "ASPNETCORE_My_Environment": "1", "ASPNETCORE_DETAILEDERRORS": "1", "ASPNETCORE_ENVIRONMENT": "Development" } }, "ProjectName": { "commandName": "Project", "launchBrowser": true, "applicationUrl": "https://localhost:5001;http://localhost:5000", "environmentVariables": { "ASPNETCORE_ENVIRONMENT": "Production" } } } }
/etc/apache2/sites-enabled/000-default.conf
<VirtualHost *:80> ProxyPreserveHost On ProxyPass "/" "http://127.0.0.1:5000/" ProxyPassReverse "/" "http://127.0.0.1:5000/" </VirtualHost>
/etc/apache2/sites-enabled/000-default-le-ssl.conf
<IfModule mod_ssl.c> <VirtualHost *:443> SSLEngine on SSLProxyEngine on ProxyPreserveHost On ProxyPass "/" "https://127.0.0.1:5001/" ProxyPassReverse "/" "https://127.0.0.1:5001/" ServerName mydomain.com Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/mydomain.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem </VirtualHost> </IfModule>
Startup.cs
public void ConfigureServices(IServiceCollection services) { var logger = _loggerFactory.CreateLogger<Startup>(); logger.LogInformation($"Environment: {_env.EnvironmentName}"); // Development service configuration if (_env.IsDevelopment()) { logger.LogInformation("Development environment"); services.Configure<ForwardedHeadersOptions>(options => { options.KnownProxies.Add(IPAddress.Parse("127.0.0.1")); }); services.AddHttpsRedirection(options => { options.RedirectStatusCode = StatusCodes.Status307TemporaryRedirect; options.HttpsPort = 44335; }); } // Live Service Config if (!_env.IsDevelopment()) { services.AddHttpsRedirection(options => { options.RedirectStatusCode = StatusCodes.Status308PermanentRedirect; options.HttpsPort = 5001; }); services.Configure<ForwardedHeadersOptions>(options => { options.KnownProxies.Add(IPAddress.Parse("127.0.0.1")); }); services.AddHsts(options => { options.Preload = true; options.IncludeSubDomains = true; options.MaxAge = TimeSpan.FromDays(60); }); } //lines removed for berevity. } public void Configure(IApplicationBuilder app, IHostingEnvironment env) { // Dev Envoronments if (env.IsDevelopment()) { app.UseDeveloperExceptionPage(); app.UseHttpsRedirection(); } if (env.IsProduction()) { app.UseExceptionHandler("/Home/Error"); app.UseHsts(); app.UseForwardedHeaders(new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto }); } app.UseHttpsRedirection(); //lines removed for berevity. }
If you need any more information please let me know.
EDIT: Server: EC2 Ubuntu (Build via Code Star), Web service: Apache, Project Code: asp.net core 2.1, SSL Certificates: LetsEncrypt, Proxy: Not 100% sure.
-
Nic3500 almost 5 yearsIf it cannot connect to itself (127.0.0.1) on port 5001, it could just be that port 5001 is not listening to requests? Is there an application associated to port 5001? Is it running? Also did you configure your OS to allow connections to 5001?
-
Connor Willoughby almost 5 yearsSo, i have opened the ports.conf, the application is set listen to 5000 then https redirect to 5001. When you say os, im not surewhat you mean? The EC2 security group allows 80 and 443 traffic, when navigating to the domain this works fine, the ssl also works however i hit the 503 error message and also see the above mentioned error messages.
-
Nic3500 almost 5 yearsOS, operating system. If your security group allows 80 and 443, shouldn't is also allow 5000 and 5001? I am not a EC2 expert, I do not know if the security group applies to connections to itself or not...