在fedora更新后,庞德停止工作

时间:2014-11-06 16:44:07

标签: ssl self-signed pound

我正在使用Fedora 20,最近更新了yum。现在我再也无法工作了。没有真正的错误,只是拒绝连接:

以下输出是不同时间的复制和粘贴,但除了pid和time之外,输出总是相同的。

[root@mymachine me]#  wget --no-check-certificate --debug --verbose https://localhost
Setting --verbose (verbose) to 1
DEBUG output created by Wget 1.14 on linux-gnu.

URI encoding = ‘UTF-8’
--2014-11-06 11:59:53--  https://localhost/
Resolving localhost (localhost)... ::1, 127.0.0.1
Caching localhost => ::1 127.0.0.1
Connecting to localhost (localhost)|::1|:443... Closed fd 3
failed: Connection refused.
Connecting to localhost (localhost)|127.0.0.1|:443... Closed fd 3
failed: Connection refused.
Releasing 0x0000000001f33280 (new refcount 1).
[root@mymachine me]# service pound status
Redirecting to /bin/systemctl status  pound.service
pound.service - Pound Reverse Proxy And Load-balancer
   Loaded: loaded (/usr/lib/systemd/system/pound.service; enabled)
   Active: active (running) since Thu 2014-11-06 11:30:12 EST; 6min ago
  Process: 3019 ExecStart=/usr/sbin/pound (code=exited, status=0/SUCCESS)
 Main PID: 3020 (pound)
   CGroup: /system.slice/pound.service
           ├─3020 /usr/sbin/pound
           └─3021 /usr/sbin/pound

Nov 06 11:30:12 mymachine systemd[1]: Starting Pound Reverse Proxy And Load-balancer...
Nov 06 11:30:12 mymachine pound[3019]: starting...
Nov 06 11:30:12 mymachine systemd[1]: PID file /var/run/pound.pid not readable (yet?) after start.
Nov 06 11:30:12 mymachine systemd[1]: Started Pound Reverse Proxy And Load-balancer.
[root@mymachine me]# 

[root@mymachine me]# netstat -tulpn | grep pound
tcp        0      0 myip:443      0.0.0.0:*               LISTEN      1379/pound

我可以wget http:[stack抱怨链接//] localhost:80(清漆)和wget http:[stack抱怨链接//] localhost:8080(apache)我使用自签名pem可以找到的文件(没有错误),然后才能让我离开这里"和"我知道我在做什么"从浏览器开始,但现在它甚至不能在localhost上与wget连接。

这是/etc/pound.cfg:

User "pound"
Group "pound"
Control "/var/lib/pound/pound.cfg"


ListenHTTPS
    Address 128.199.217.77
    Port    443
    Cert    "/var/www/html/test.pem"
        Service
            BackEnd
                Address localhost
                Port    80
            End
        End
End

1 个答案:

答案 0 :(得分:0)

这是一个iptables问题。添加了使用iptables命令打开端口443的规则,这样做时不会以任何方式保存规则。改为使用firewall-cmd:

firewall-cmd --permanent --add-service=https
firewall-cmd --reload
firewall-cmd --list-services

使用wget时你不能使用localhost,因为pound没有在那里监听,命令应该是:

[root@mymachine me]#  wget --no-check-certificate --debug --verbose https://my.ip.address
相关问题
最新问题