我在tomcat 7上运行了一个Web应用程序(java,jsp)。当我http://localhost.somedomain.com/
我想启用SSL,以便我可以访问我的网站https://localhost.somedomain.com/
我已经安装了自签名证书并配置了httpd.conf(在apache上) 按照
中说明的步骤操作https://getgrav.org/blog/mac-os-x-apache-setup-ssl
当我访问https://localhost.somedomain.com/
时,它似乎在寻找index.html来提供服务。我在我的Web应用程序的根目录中添加了一个虚拟index.html,它就会被提供。它似乎充当静态文件而不是将其呈现为Web应用程序(由http版本执行控制器)。当我访问https://localhost.somedomain.com/url/时,它会报告404 / url / not found
我的第一个问题是,
我的第二个问题是,
我的httpd.conf文件如下
ServerRoot "/usr"
Listen 80
Listen 443
LoadModule authn_file_module libexec/apache2/mod_authn_file.so
LoadModule authn_core_module libexec/apache2/mod_authn_core.so
LoadModule authz_host_module libexec/apache2/mod_authz_host.so
LoadModule authz_groupfile_module libexec/apache2/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache2/mod_authz_user.so
LoadModule authz_core_module libexec/apache2/mod_authz_core.so
LoadModule access_compat_module libexec/apache2/mod_access_compat.so
LoadModule auth_basic_module libexec/apache2/mod_auth_basic.so
LoadModule socache_shmcb_module libexec/apache2/mod_socache_shmcb.so
LoadModule reqtimeout_module libexec/apache2/mod_reqtimeout.so
LoadModule filter_module libexec/apache2/mod_filter.so
LoadModule mime_module libexec/apache2/mod_mime.so
LoadModule log_config_module libexec/apache2/mod_log_config.so
LoadModule env_module libexec/apache2/mod_env.so
LoadModule headers_module libexec/apache2/mod_headers.so
LoadModule setenvif_module libexec/apache2/mod_setenvif.so
LoadModule version_module libexec/apache2/mod_version.so
LoadModule proxy_module libexec/apache2/mod_proxy.so
LoadModule proxy_connect_module libexec/apache2/mod_proxy_connect.so
LoadModule proxy_ftp_module libexec/apache2/mod_proxy_ftp.so
LoadModule proxy_http_module libexec/apache2/mod_proxy_http.so
LoadModule proxy_fcgi_module libexec/apache2/mod_proxy_fcgi.so
LoadModule proxy_scgi_module libexec/apache2/mod_proxy_scgi.so
LoadModule proxy_wstunnel_module libexec/apache2/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module libexec/apache2/mod_proxy_ajp.so
LoadModule proxy_balancer_module libexec/apache2/mod_proxy_balancer.so
LoadModule proxy_express_module libexec/apache2/mod_proxy_express.so
LoadModule slotmem_shm_module libexec/apache2/mod_slotmem_shm.so
LoadModule ssl_module libexec/apache2/mod_ssl.so
LoadModule lbmethod_byrequests_module libexec/apache2/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module libexec/apache2/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module libexec/apache2/mod_lbmethod_bybusyness.so
LoadModule unixd_module libexec/apache2/mod_unixd.so
LoadModule status_module libexec/apache2/mod_status.so
LoadModule autoindex_module libexec/apache2/mod_autoindex.so
LoadModule negotiation_module libexec/apache2/mod_negotiation.so
LoadModule dir_module libexec/apache2/mod_dir.so
LoadModule alias_module libexec/apache2/mod_alias.so
LoadModule hfs_apple_module libexec/apache2/mod_hfs_apple.so
<IfModule unixd_module>
User _www
Group _www
</IfModule>
ServerAdmin you@example.com
ServerName localhost.somedomain.com
<Directory />
AllowOverride All
Require all granted
</Directory>
DocumentRoot "/apps/sstp/tomcat/webapps/ROOT"
<Directory "/apps/sstp/tomcat/webapps/ROOT">
Require all granted
Options Includes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<FilesMatch "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
Require all denied
</FilesMatch>
<Files "rsrc">
Require all denied
</Files>
<DirectoryMatch ".*\.\.namedfork">
Require all denied
</DirectoryMatch>
ErrorLog "/private/var/log/apache2/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "/private/var/log/apache2/access_log" common
</IfModule>
<IfModule alias_module>
ScriptAliasMatch ^/cgi-bin/((?!(?i:webobjects)).*$) "/Library/WebServer/CGI-Executables/$1"
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/Library/WebServer/CGI-Executables">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /private/etc/apache2/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
TraceEnable off
Include /private/etc/apache2/extra/httpd-mpm.conf
Include /private/etc/apache2/extra/httpd-autoindex.conf
Include /private/etc/apache2/extra/httpd-vhosts.conf
<IfModule proxy_html_module>
Include /private/etc/apache2/extra/proxy-html.conf
</IfModule>
Include /private/etc/apache2/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Include /private/etc/apache2/other/*.conf
我的httpd-vhosts.conf如下
<VirtualHost *:443>
ServerAdmin a@b.com
DocumentRoot "/apps/sstp/tomcat/webapps/ROOT"
ServerName localhost.somedomain.com
SSLEngine on
SSLCertificateFile "/private/etc/apache2/server.crt"
SSLCertificateKeyFile "/private/etc/apache2/server.key"
</VirtualHost>
我的httpd-ssl.conf如下所示
Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/private/var/run/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost *:443>
DocumentRoot "/apps/sstp/tomcat/webapps/ROOT"
ServerName localhost.somedomain.com
ErrorLog "/private/var/log/apache2/error_log"
TransferLog "/private/var/log/apache2/access_log"
SSLEngine on
SSLCertificateFile "/private/etc/apache2/server.crt"
SSLCertificateKeyFile "/private/etc/apache2/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/Library/WebServer/CGI-Executables">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/private/var/log/apache2/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
我的tomcat server.xml如下所示
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>
<Listener className="org.apache.catalina.core.JasperListener"/>
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
address="127.0.0.1"
maxThreads="1500"
acceptCount="100"
secure="@tomcat.session.secure@"/>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Context docBase="/apps/sstp/tomcat/html" path="/info"/>
</Host>
</Engine>
</Service>
</Server>
简单来说,我想配置使我的应用程序作为http://localhost.somedomain.com
运行所需的任何内容,以便在https://localhost.somedomain.com
答案 0 :(得分:1)
httpd-vhosts.conf
中缺少这个ProxyPreserveHost On
ProxyPass / ajp://localhost:8009/
ProxyPassReverse / ajp://localhost:8009/
因此,请求不会从apache路由到tomcat
答案 1 :(得分:0)
根据你问题中的描述,我读到你在apache上设置了SSL,并希望使用AJP协议将请求传递给tomcat。在这种情况下,您不应将DocumentRoot
的{{1}}指定为某个tomcat目录,而应指定正确的VirtualHost
(如果您使用的是mod_jk)或{{1} (如果您使用的是mod_proxy_ajp)指令。看一下端口80上虚拟主机的配置,它应该包含正确的语句,你可以将它们复制到你的SSL-virtualHost。