-
Oct 19th, 2009, 04:17 PM
#1
Enabled SSL Security causes Connection refused
If I enable 'Require SSL', I can't connect to my application.
In 'Launch Deployment' I checked 'Require SSL' and uploaded certificate (signed by GoDaddy) and the private key (used to generate the CSR for signing authority).
If I enable 'Require SSL', the 'STARTING SERVICES' phase takes 25 minutes, but I can't connect (see log below).
If I DON'T enable 'Require SSL' (all other configuration the same), the 'STARTING SERVICES' phase takes 5 minutes, but I CAN connect and my application works.
Any ideas on why enabling SSL with my signed certificate doesn't work?
Below is the launch log:
---------------- START --------------
Executing command: Sun Oct 18 21:49:50 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
2 49907 2 1128 0 0 6466 0 0:00:07 --:--:-- 0:00:07 6466
100 49907 100 49907 0 0 101k 0 --:--:-- --:--:-- --:--:-- 157k
copying aws to /usr/bin/
Stopping MySQL: [FAILED]
Shutting down postfix: [FAILED]
error reading information on service xvfb: No such file or directory
xvfb: unrecognized service
Stopping tomcat5:
Executing command: Sun Oct 18 21:49:51 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:49:52 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
5 49907 5 2576 0 0 15936 0 0:00:03 --:--:-- 0:00:03 15936
100 49907 100 49907 0 0 114k 0 --:--:-- --:--:-- --:--:-- 174k
copying aws to /usr/bin/
Stopping MySQL: [FAILED]
Shutting down postfix: [FAILED]
error reading information on service xvfb: No such file or directory
xvfb: unrecognized service
Stopping tomcat5:
Executing command: Sun Oct 18 21:49:53 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:49:53 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:49:53 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
installing ...
Thank you for using SpringSource tc Server!
Executing command: Sun Oct 18 21:49:55 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:49:56 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: /sbin/service mysqld stop
Stopping MySQL: [FAILED]
Executing command: Sun Oct 18 21:49:56 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /etc/my.cnf
Executing command: Sun Oct 18 21:49:56 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: /sbin/service mysqld start
Initializing MySQL database: Installing MySQL system tables...
OK
Filling help tables...
OK
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h ip-10-243-19-84 password 'new-password'
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &
You can test the MySQL daemon with mysql-test-run.pl
cd mysql-test ; perl mysql-test-run.pl
Please report any problems with the /usr/bin/mysqlbug script!
The latest information about MySQL is available on the web at
http://www.mysql.com
Support MySQL by buying support/licenses at http://shop.mysql.com
[ OK ]
Starting MySQL: [ OK ]
Executing command: Sun Oct 18 21:49:59 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: mysql -u root
Executing command: Sun Oct 18 21:49:59 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
tcserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Done with tc Server
Executing command: Sun Oct 18 21:49:59 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: mysql prod
Executing command: Sun Oct 18 21:49:59 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: mysql prod
Executing command: Sun Oct 18 21:50:00 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: /sbin/service tcserver stop
Executing command: Sun Oct 18 21:50:00 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:50:00 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:50:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:50:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: rm -f .awssecret ; cat > .awssecret; chmod 0600 .awssecret
Executing command: Sun Oct 18 21:50:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: s3get 060JSJ2DWVRTT3EMTY82/6513c918-6cac-4d1d-aaf1-0e6d4e53be23/1255914508802/ROOT/gsg-0.1.war /var/lib/tcserver-6.0.19.A-solaris-intel-node/tcServer-6.0/tomcat-6.0.19.A/webapps/ROOT.war
Executing command: Sun Oct 18 21:50:12 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: rm -fr /var/lib/tcserver-6.0.19.A-solaris-intel-node/tcServer-6.0/tomcat-6.0.19.A/webapps/ROOT
Executing command: Sun Oct 18 21:50:12 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /var/lib/tcserver-6.0.19.A-solaris-intel-node/tcServer-6.0/tomcat-6.0.19.A/conf/server.xml
Executing command: Sun Oct 18 21:50:13 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix|bash
Executing command: Sun Oct 18 21:50:13 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat >> /etc/sysconfig/tcserver
Executing command: Sun Oct 18 21:50:13 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: rm -fr /var/lib/tcserver-6.0.19.A-solaris-intel-node/tcServer-6.0/tomcat-6.0.19.A/work/Catalina/localhost/ROOT/org
Executing command: Sun Oct 18 21:50:14 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: chkconfig tcserver on
Executing command: Sun Oct 18 21:50:14 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: /sbin/service tcserver start
Executing command: Sun Oct 18 21:50:36 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: wget --spider --tries=10 --retry-connrefused --waitretry=10 http://localhost:8080/
--21:50:37-- http://localhost:8080/
Resolving localhost... 127.0.0.1
Connecting to localhost|127.0.0.1|:8080... connected.
HTTP request sent, awaiting response... 200 OK
Length: 0 [text/html]
200 OK
Executing command: Sun Oct 18 21:51:00 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /etc/httpd/conf/httpd.conf
Executing command: Sun Oct 18 21:51:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /etc/httpd/conf.d/cluster.conf
Executing command: Sun Oct 18 21:51:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /etc/httpd/conf.d/ssl.conf
Executing command: Sun Oct 18 21:51:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /etc/httpd/conf/my.key
Executing command: Sun Oct 18 21:51:01 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: cat > /etc/httpd/conf/my.cert
Executing command: Sun Oct 18 21:51:02 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: chmod 0400 /etc/httpd/conf/my.key
Executing command: Sun Oct 18 21:51:02 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: chmod 0400 /etc/httpd/conf/my.cert
Executing command: Sun Oct 18 21:51:02 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: /usr/sbin/apachectl restart
Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server ip-10-243-19-84.ec2.internal:443 (RSA)
Enter pass phrase:
Executing command: Sun Oct 18 22:11:03 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: wget --spider --tries=10 --retry-connrefused --waitretry=10 http://localhost:80/
--22:11:03-- http://localhost/
Resolving localhost... 127.0.0.1
Connecting to localhost|127.0.0.1|:80... failed: Connection refused.
Retrying.
--22:11:04-- (try: 2) http://localhost/
Connecting to localhost|127.0.0.1|:80... failed: Connection refused.
Retrying.
--22:11:06-- (try: 3) http://localhost/
Connecting to localhost|127.0.0.1|:80... failed: Connection refused.
Retrying.
--22:11:48-- (try:10) http://localhost/
Connecting to localhost|127.0.0.1|:80... failed: Connection refused.
Giving up.
Executing command: Sun Oct 18 22:11:48 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: wget --no-check-certificate --spider --tries=10 --retry-connrefused --waitretry=10 https://localhost:443/
--22:11:48-- https://localhost/
Resolving localhost... 127.0.0.1
Connecting to localhost|127.0.0.1|:443... failed: Connection refused.
Retrying.
--22:12:33-- (try:10) https://localhost/
Connecting to localhost|127.0.0.1|:443... failed: Connection refused.
Giving up.
Executing command: Sun Oct 18 22:12:35 EDT 2009 : ssh on ec2-75-101-218-102.compute-1.amazonaws.com: dos2unix | bash
dos2unix: converting file /var/lib/ctse/runctse to UNIX format ...
dos2unix: converting file /etc/init.d/ctse to UNIX format ...
adding service
done adding service
Starting CTSE Agent
----------------- END ---------------
-
Oct 23rd, 2009, 10:17 PM
#2
Solution
Apache was timing out due to the private key requiring a pass-phrase in order for Apache to start.
The solution was to remove the pass-phrase from the key with the command:
openssl rsa -in website-with-pass-phrase.key -out website-no-pass-phrase.key
Uploaded new SSL cert and key and application launched.
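
A preflight check for the failure diagnosed in this thread, as an added example that is not part of the original posts: it flags a passphrase-protected PEM key before upload and recognises the mod_ssl prompt in a launch log. The function names and sample file names are hypothetical, and the key samples are constructed PEM headers with placeholder bodies.

```shell
#!/bin/sh
# Added example: preflight checks for the pass-phrase stall seen in this thread.

# key_is_encrypted FILE
#   0 = PEM private key is passphrase-protected
#   1 = PEM private key is unencrypted
#   2 = no PEM private key found in FILE
key_is_encrypted() {
    grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$1" || return 2
    # PKCS#8 encrypted keys say so in the BEGIN line.
    grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1" && return 0
    # Traditional PEM keys carry the marker in a header line.
    grep -q -e '^Proc-Type: 4,ENCRYPTED' "$1" && return 0
    return 1
}

# log_waits_for_passphrase FILE: 0 if mod_ssl prompted for a pass phrase.
log_waits_for_passphrase() {
    grep -q -e 'Pass Phrase Dialog' -e '^Enter pass phrase:' "$1"
}

# Constructed sample inputs (headers only, bodies are placeholders).
SAMPLES=$(mktemp -d)
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
    'DEK-Info: DES-EDE3-CBC,0000000000000000' '' 'PLACEHOLDER' \
    '-----END RSA PRIVATE KEY-----' > "$SAMPLES/legacy-enc.key"
printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'PLACEHOLDER' \
    '-----END ENCRYPTED PRIVATE KEY-----' > "$SAMPLES/pkcs8-enc.key"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'PLACEHOLDER' \
    '-----END RSA PRIVATE KEY-----' > "$SAMPLES/plain.key"
printf '%s\n' '-----BEGIN CERTIFICATE-----' 'PLACEHOLDER' \
    '-----END CERTIFICATE-----' > "$SAMPLES/site.cert"
# Log excerpt copied from the launch log in post #1.
printf '%s\n' 'Apache/2.2.3 mod_ssl/2.2.3 (Pass Phrase Dialog)' \
    'Server ip-10-243-19-84.ec2.internal:443 (RSA)' \
    'Enter pass phrase:' > "$SAMPLES/launch.log"

# Report the status of each sample (written so it also runs under set -e).
for f in legacy-enc.key pkcs8-enc.key plain.key site.cert; do
    rc=0
    key_is_encrypted "$SAMPLES/$f" || rc=$?
    echo "$f -> $rc"
done
```

A key stripped of its pass phrase is stored in cleartext, so keep it readable only by the account that starts Apache, as the deployment's chmod 0400 on /etc/httpd/conf/my.key does.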