Use port 443 for both openvpn https and ssl

Use port 443 for both openvpn https and ssl

In this tutorial, I will show how to use the same port (443) for both openvpn and https. I will start from a fresh virtual Debian 8 install. I have used several sources for this tutorial but more specifically : for the sslh configuration and for the apache2 configuration.

Install apache

sudo aptitude install apache2

Install a default https page (this is just for testing purposes)

sudo a2ensite default-ssl
sudo a2enmod ssl

Restart apache

sudo service apache2 restart

Check your ip address

ip addr

Open a browser and navigates to https://[your ip address], accept all the warnings and you should see apache’s default page.

sudo aptitude install sslh

Choose standalone

You then have to change the settings of /etc/default/sslh:

# allow start at boot
 # wait for 2 seconds to avoid error
 # options for listen & forward
DAEMON_OPTS="-u sslh -p [your_ip]:443 --ssh --openvpn --ssl -P /var/run/"

Restart sslh

sudo service sslh restart

By default, apache listen to the connections comming from the interface. We are going to change it so that it only listens to the connection on localhost. Edit /etc/apache2/ports.conf and change the config of the ssl_module and the mod_gnutls.c to :

<IfModule mod_ssl.c>
 <IfModule mod_gnutls.c>

Restart apache

sudo service apache2 restart

If everything is setup correctly, you should be able to connect to the https page and to ssh to your host using port 443.


Leave a Reply

Your email address will not be published. Required fields are marked *