Question

我正在尝试部署部署在端口80中的Web应用程序，并且能够从www.ajaykalkoti.space和http://ajaykalkoti.space访问网站。

如果我尝试访问https://ajaykalkoti.space，则返回403错误。请求无法满足。我在Route 53上的输入应该是什么。我已附上以下条目的屏幕截图。

我不使用负载均衡器，因为我猜它已充电。

请指导我。

Route 53 Table

记录

Answer 1

使用此AWS指南：

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/SSL-on-an-instance.html

您应该在/etc/httpd/conf.d/ssl.conf中配置443端口：

Listen 443
<VirtualHost *:443>
  ServerName ajaykalkoti.space
  ErrorLog /var/log/httpd/ssl.error.log
  CustomLog /var/log/httpd/ssl.log combined

  SSLEngine on
  SSLCertificateFile PATH_TO_CERT.crt
  SSLCertificateKeyFile PATH_TO_KEY.key
  SSLCertificateChainFile PATH_TO_CHAIN.ca-bundle

  SSLProtocol -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
  SSLProxyProtocol -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2

  SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

  SSLProxyCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

  ProxyPreserveHost On
  ProxyPass        / http://localhost:8080/
  ProxyPassReverse / http://localhost:8080/
</VirtualHost>

例如

并在实例安全组中启用443端口

在AWS中www和http有效但https不起作用

1 个答案: