apache2 的https配置和代理https后端nodejs配置
先进入 /usr/local/apache2/conf 目录
修改 vim httpd.conf 把下面的去掉注释
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
Include conf/extra/httpd-ssl.conf
然后进入/usr/local/apache2/conf/extra
编辑vim httpd-ssl.conf
把原来的 <VirtualHost 删除
加入如下配置
<VirtualHost *:443>
ServerName www.hp_nova2.com
ServerAlias www.hp_nova2.com
SSLEngine on
SSLProxyEngine On
SSLProxyVerify none
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
# SSLCertificateFile "Path1"
SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
# SSLCertificateKeyFile "Path2"
# SSLCertificateChainFile "Path3"
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyRequests Off
<Location />
ProxyPass https://15.31.213.137:443/
ProxyPassReverse https://15.31.213.137:443/
</Location>
</VirtualHost>
然后在/usr/local/apache2/conf/拷贝进去server.crt和server.key
(具体server.crt和server.key生成方式请参考我前面的文章使用openssl生成的证书,需要保证apache配置的证书和nodejs还有springboot配置的证书一样)
然后重启apache 执行 bin/apachectl start
问题:启动apache后访问发现报错500
查看apache的日志error.log发现
[Tue Apr 30 13:38:55.077682 2019] [proxy_http:error] [pid 12090] [client 15.38.244.222:63285] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.244096 2019] [proxy:error] [pid 12089] (502)Unknown error 502: [client 15.38.244.222:63287] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:55.244214 2019] [proxy:error] [pid 12089] [client 15.38.244.222:63287] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:55.244225 2019] [proxy_http:error] [pid 12089] [client 15.38.244.222:63287] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:55.277609 2019] [proxy:error] [pid 12093] (502)Unknown error 502: [client 15.38.244.222:63288] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.277707 2019] [proxy:error] [pid 12093] [client 15.38.244.222:63288] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.277718 2019] [proxy_http:error] [pid 12093] [client 15.38.244.222:63288] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.441908 2019] [proxy:error] [pid 12092] (502)Unknown error 502: [client 15.38.244.222:63290] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:55.441979 2019] [proxy:error] [pid 12092] [client 15.38.244.222:63290] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:55.441990 2019] [proxy_http:error] [pid 12092] [client 15.38.244.222:63290] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:55.472712 2019] [proxy:error] [pid 12091] (502)Unknown error 502: [client 15.38.244.222:63289] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.472811 2019] [proxy:error] [pid 12091] [client 15.38.244.222:63289] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.472822 2019] [proxy_http:error] [pid 12091] [client 15.38.244.222:63289] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.009281 2019] [proxy:error] [pid 12090] (502)Unknown error 502: [client 15.38.244.222:63291] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:58.009379 2019] [proxy:error] [pid 12090] [client 15.38.244.222:63291] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:58.009390 2019] [proxy_http:error] [pid 12090] [client 15.38.244.222:63291] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:58.038419 2019] [proxy:error] [pid 12089] (502)Unknown error 502: [client 15.38.244.222:63292] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.038519 2019] [proxy:error] [pid 12089] [client 15.38.244.222:63292] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.038530 2019] [proxy_http:error] [pid 12089] [client 15.38.244.222:63292] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:39:14.614789 2019] [proxy:error] [pid 12092] (502)Unknown error 502: [client 15.38.244.222:63293] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:39:14.614914 2019] [proxy:error] [pid 12092] [client 15.38.244.222:63293] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:39:14.614958 2019] [proxy_http:error] [pid 12092] [client 15.38.244.222:63293] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:39:14.646786 2019] [proxy:error] [pid 12093] (502)Unknown error 502: [client 15.38.244.222:63294] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
最后网上查了下在httpd-ssl.conf中的VirtualHost加入如下配置,重启apache解决
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
转载于:https://www.cnblogs.com/xiaohanlin/p/10795465.html
apache2 的https配置和代理https后端nodejs配置相关推荐
- Nginx系列之使用ssl模块配置支持代理HTTPS链接
Nginx系列之使用ssl模块配置支持HTTPS访问 1.博客前言介绍 最近在用nginx代理https的第三方链接,因为不是做运维,所以对nginx并不是特殊熟悉,所以到处询问摸索了挺久 2.查看s ...
- ubuntu配置DNS代理
ubuntu配置DNS代理连接外网 配置DNS代理 DNS sudo vi /etc/resolvconf/resolv.conf.d/base 添加: nameserver xxx.xxx.xxx. ...
- 13. nginx四层 https代理https 前后端证书配置
使用情况 1.https代理https服务,后端与前端非同一证书. 2.想使用nginx代理来颁发合法新证书. 前提条件 准备后端证书且要与后端服务使用相同证书 准备前端证书. vim /etc/ng ...
- Nginx配置https,反向代理多实例tomcat的操作记录
案例说明: 前面一层nginx+Keepalived部署的LB,后端两台web服务器部署了多实例的tomcat,通过https方式部署nginx反向代理tomcat请求.配置一如下: 1)LB层的ng ...
- 前后端分离系统使用Nginx代理https地址
记一次服务由http转成https的nginx配置问题,nginx基础的一些配置就不在这边说了. 使用了nginx的gzip压缩功能:用于提升用户访问前端页面的速度 http {include mim ...
- haproxy代理https配置方法【转】
haproxy代理https配置方法[转] 记得在之前的一篇文章中介绍了nginx反向代理https的方法,今天这里介绍下haproxy代理https的方法: haproxy代理https有两种方式: ...
- nginx安装、nginx前端配置、后端配置、前后端分离配置、https支持(ssl配置)、负载均衡配置、nginx location详解
nginx配置 一.nginx安装 二.nginx配置 仅前端配置 仅后端配置 前后分离配置(1) 前后分离配置(2) 前后不分离配置 https/ssl配置 负载均衡配置 数据压缩配置 三.完整ng ...
- nginx https透明代理_Nginx反向代理https,配置lets-encrypt证书教程
前言 本站也终于迁移到https了,由于全Docker部署,迁移过程中真是艰难无比(wordpress那块被折腾的想放弃了),也欢迎访问本人博客,(知乎的排版有些乱) Nginx反向代理https,配 ...
- nginx 反向代理https配置
配置nginx 反向代理https server {listen 443 ;#ssl http2 default_server;server_name xxxx.com;# access_log lo ...
最新文章
- JAVA实验二——圆柱体
- 微软如何利用机器学习改进Win 10更新体验
- java取非_java运算符 与()、非(~)、或(|)、异或(^)
- 微软发布Visual Studio 2012 示例代码浏览器
- 信息如何实现病毒式传播?一文看懂Gossip协议
- python response重头开始_你必须学写 Python 装饰器的五个理由
- php 图片单位转换,php如何把图片转换成二进制字符串
- U盘安装CentOS Linux图文详解
- 自动化测试如何保持登录状态_自动化测试po模式是什么?自动化测试po分层如何实现?-附详细源码...
- 冷知识 —— 容易读错的发音(英文)
- python输入输出基本点
- python语言数值操作符_Python之组合数据类型、逻辑操作符、控制流语句、算术操作符...
- 软件测试黑盒测试实验心得_视频资源25套高级软件测试,性能测试,功能测试下载自动化测试...
- php php-fpm安装 nginx配置php
- dna计算机的主要作用,我国首台DNA计算机 意义重大
- POC会成为下一个POW吗?
- 《德鲁克管理思想精要》读书笔记7 - 如何做人
- ClickHouse MergeTree二级索引/跳数索引
- lib linux.so2 bad,linux – docker,openmpi和/ proc / mounts行的意外...
- 计算机专业竞聘词150,计算机专业组长竞聘演讲稿范文
热门文章
- 开课吧python小课值得么-好消息!今天,审计、会计、税务、财务主管彻底沸腾了……...
- python爬虫入门-python爬虫入门,8分钟就够了,最简单的基础教学!
- python中文解释-python注释中文
- 简明python教程购买-自学Python买什么书?
- ubuntu查看python版本-切换Ubuntu默认python版本的两种方法
- 怎么学python-如何高效学python?这篇文章就是为想学的你写的
- python3入门到精通pdf-总算知道python3入门到精通
- python自学免费课堂-如何系统地自学 Python?
- python写错了怎么更改-使用Python修改文件内容后如何保存更改
- python代码大全o-Python O