This discussion is archived
7 Replies Latest reply: May 3, 2013 4:32 AM by Colm Divilly RSS

Enable SSL / HTTPS, get HTTP error message 403 (forbidden)

JP_1442650 Newbie
Currently Being Moderated
Hello forummembers,

I try to enable HTTPS, I have a valid certificate installed, and it works fine when I connect to the server within our company.

But from outside our company (e.g. sitting in my customers office) I can't get a connection over https (while http is working fine).
Using Internet Explorer, I get 'Internet Explorer cannot display the webpage', clicking 'Diagnose Connection problems' will give 'Windows received an HTTP error message: 403 (forbidden)'

Using chrome, I get 'This webpage is not available' with
'Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error.'

Has anybody an idea how to troubleshoot this?
  • 1. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    AndyH Journeyer
    Currently Being Moderated
    JP_1442650 wrote:
    Hello forummembers,

    I try to enable HTTPS, I have a valid certificate installed, and it works fine when I connect to the server within our company.

    But from outside our company (e.g. sitting in my customers office) I can't get a connection over https (while http is working fine).
    Using Internet Explorer, I get 'Internet Explorer cannot display the webpage', clicking 'Diagnose Connection problems' will give 'Windows received an HTTP error message: 403 (forbidden)'
    Perhaps you have a company firewall that is blocking incoming HTTPS?
  • 2. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    JP_1442650 Newbie
    Currently Being Moderated
    Hi Andy,

    Thanks for the reply.
    It could be some firewall problem, but HTTPS in general is not blocked.
    E.g I can access Gmail, and also this very forums.oracle.com is https which I can access from my customers office.

    That's why I'm wondering if there's anything wrong with our https setup, what may trigger the firewall.
    I'm running Apex 4.2, with Apex listener 1.4 under Glassfish 3.2.1.
    I have a valid SSL certificate.

    How to test what could be wrong with our server?
  • 3. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    Udo Guru
    Currently Being Moderated
    Hi,
    It could be some firewall problem, but HTTPS in general is not blocked.
    E.g I can access Gmail, and also this very forums.oracle.com is https which I can access from my customers office.
    I think the question was more related to incoming HTTPS connections (port 443 TCP) on the network you've deployed your APEX Listener at. Does your host have a public IP adress at all or is there a NAT rule that forwards incoming connections to your host?

    -Udo
  • 4. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    JP_1442650 Newbie
    Currently Being Moderated
    Hi Udo,

    Thanks for the reply.
    There is NAT from the internet to an internal IP adress to my host.

    Is there something special I should set for port 443?

    My apex login is not using port 443 directly, the address is like
    https://www.server:8199/apex/f?p=119:1

    The strange thing is, that in some places I can connect to our site, but not from everywhere.
  • 5. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    Colm Divilly Journeyer
    Currently Being Moderated
    JP_1442650 wrote:
    Hi Udo,

    Thanks for the reply.
    There is NAT from the internet to an internal IP adress to my host.

    Is there something special I should set for port 443?

    My apex login is not using port 443 directly, the address is like
    https://www.server:8199/apex/f?p=119:1
    Then I would guess a firewall in the middle is not allowing https over port 8199, it's pretty unusual to see https over anything other than the standard port of 443, try switching to the proper https port of 443, many firewalls are configured to only allow traffic on port 80 (http) and 443 (https).
    The strange thing is, that in some places I can connect to our site, but not from everywhere.
  • 6. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    JP_1442650 Newbie
    Currently Being Moderated
    I can try the port which is used as standard by Glassfish (8181), I can try 443 as well but I doubt if I can open that port.
    Even if I can open it, isn't is more vulnerable for hackers then?

    Thanks.
  • 7. Re: Enable SSL / HTTPS, get HTTP error message 403 (forbidden)
    Colm Divilly Journeyer
    Currently Being Moderated
    JP_1442650 wrote:
    I can try the port which is used as standard by Glassfish (8181), I can try 443 as well but I doubt if I can open that port.
    Even if I can open it, isn't is more vulnerable for hackers then?

    Thanks.
    To stop hackers, firewalls are usually locked down to allow only 80 and 443 as the only open ports. It sounds like you may need to consider seeking advice of someone experienced in configuring public facing HTTPS sites.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points