Vagrant with https, can't connect from host to guest

2
votes

If I run apache and varnish on vagrant and run the following on the guest and host it works fine:

//guest
wget http://localhost/app_dev.php
//host
wget http://localhost:8080/app_dev.php

My Vagrantfile looks like this:

  config.vm.network "forwarded_port", guest: 80, host: 8080

Now I'll try ssl so change it to

  config.vm.network "forwarded_port", guest: 443, host: 8080

Then on the guest I start httpd, varnish and pound. Now I can't connect anymore from host:

//on guest:
wget --no-check-certificate https://localhost:443/app_dev.php
//results in 200 OK
//on host
wget --no-check-certificate https://localhost:8080/app_dev.php
//results in
//--2014-06-22 23:43:34--  https://localhost:8080/app_dev.php
//Resolving localhost (localhost)... 127.0.0.1
//Connecting to localhost (localhost)|127.0.0.1|:8080... connected.
//Unable to establish SSL connection.

Not sure what the problem is here, is it not allowed to create ssh over 8080?

When trying the following in Vagrantfile

  config.vm.network "forwarded_port", guest: 443, host: 443

I get a warning while starting up:

==> default: You are trying to forward to privileged ports (ports <= 1024). Most
==> default: operating systems restrict this to only privileged process (typically
==> default: processes running as an administrative user). This is a warning in case
==> default: the port forwarding doesn't work. If any problems occur, please try a
==> default: port higher than 1024.

But still the same error when trying a wget from host.

Is it possible to make https connection from host to guest with vagrant? If so then how?

I'm using the fedora 20 box. Tried with the following settings in Vagrantfile:

  config.vm.network "private_network", ip: "33.33.33.10"

Then added to my hosts

33.33.33.10     site

When I start httpd, varnish and pound on the guest (httpd listens to 8080, varnish to 80 and Pound to 443) I can get http:site/, http:site:8080 but no https:site (had to remove // or can't post it) where a wget from guest works (response 200 with expected html)

On the guest I've tried

iptables -A INPUT -p tcp --dport 443 -j ACCEPT

But same result, I can't think of a reason why Vagrant fedora box would have https port blocked though but it could be as I've got no idea how to use iptables.

1
httpsvagrantvagrantfile

1 Answers

0
votes

It was a problem in pound, the /etc/pound.cfg looked like:

ListenHTTPS
    Address localhost
    Port    443

changed to:

ListenHTTPS
    Address 33.33.33.10
    Port    443

Solved the problem