使用https进行流动,无法从主机连接到访客

时间:2014-06-22 16:52:16

标签: https vagrant vagrantfile

如果我在vagrant上运行apache和varnish并在guest虚拟机和主机上运行以下命令就可以了:

//guest
wget http://localhost/app_dev.php
//host
wget http://localhost:8080/app_dev.php

我的Vagrantfile看起来像这样:

  config.vm.network "forwarded_port", guest: 80, host: 8080

现在我尝试使用ssl将其更改为

  config.vm.network "forwarded_port", guest: 443, host: 8080

然后在客人身上我开始httpd,varnish和pound。现在我无法再从主持人那里连接:

//on guest:
wget --no-check-certificate https://localhost:443/app_dev.php
//results in 200 OK
//on host
wget --no-check-certificate https://localhost:8080/app_dev.php
//results in
//--2014-06-22 23:43:34--  https://localhost:8080/app_dev.php
//Resolving localhost (localhost)... 127.0.0.1
//Connecting to localhost (localhost)|127.0.0.1|:8080... connected.
//Unable to establish SSL connection.

不确定这里有什么问题,是否不允许在8080上创建ssh?

在Vagrantfile中尝试以下内容时

  config.vm.network "forwarded_port", guest: 443, host: 443

我在启动时收到警告:

==> default: You are trying to forward to privileged ports (ports <= 1024). Most
==> default: operating systems restrict this to only privileged process (typically
==> default: processes running as an administrative user). This is a warning in case
==> default: the port forwarding doesn't work. If any problems occur, please try a
==> default: port higher than 1024.

但是从主机尝试wget时仍然是同样的错误。

是否可以使用vagrant进行从主机到guest的https连接?如果是,那怎么样?

我正在使用fedora 20盒子。尝试使用Vagrantfile中的以下设置:

  config.vm.network "private_network", ip: "33.33.33.10"

然后添加到我的主人

33.33.33.10     site

当我启动httpd,varnish和pound on guest(httpd监听8080,清漆为80,Pound为443)时,我可以获得http:site /,http:site:8080但没有https:site(必须删除) //或者不能发布它来自客人的wget工作(使用预期的html响应200)

我试过的客人

iptables -A INPUT -p tcp --dport 443 -j ACCEPT

但同样的结果,我无法想到为什么Vagrant fedora box会阻止https端口,但可能是因为我不知道如何使用iptables。

1 个答案:

答案 0 :(得分:0)

这是一个问题,/ etc / pound.cfg看起来像:

ListenHTTPS
    Address localhost
    Port    443

更改为:

ListenHTTPS
    Address 33.33.33.10
    Port    443

解决了问题