如何在apache服务器上使用ssl证书(https)运行nodejs应用程序?

时间:2016-09-01 14:59:05

标签: node.js apache ssl reverse-proxy

我在apache服务器上配置了我的nodejs应用程序,当我运行http://node.example.com url时,它运行良好。但是当我运行https://node.example.com时,它会显示以下错误。

我在这里描述了我的httpd.conf,example_node.conf,example_ssl_node.conf配置文件。你能弄明白实际出现的问题吗?

的httpd.conf

empDF.write.jdbc("jdbc:postgresql://localhost/postgres", "test", Map("user" -> "user", "password" -> "pwd"))

/usr/local/apache/conf/userdata/std/2_4/example/node.example.com/example_node.conf

 root@wb01-development [~]# cat /usr/local/apache/conf/httpd.conf

Include "/usr/local/apache/conf/includes/pre_main_global.conf"
Include "/usr/local/apache/conf/includes/pre_main_2.conf"

LoadModule bwlimited_module modules/mod_bwlimited.so

Include "/usr/local/apache/conf/php.conf"
Include "/usr/local/apache/conf/includes/account_suspensions.conf"
Include "/usr/local/apache/conf/includes/errordocument.conf"
Include "/usr/local/apache/conf/modsec2.conf"

ErrorLog "logs/error_log"
ScriptAliasMatch ^/?controlpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAliasMatch ^/?cpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAliasMatch ^/?kpanel/?$ /usr/local/cpanel/cgi-sys/redirect.cgi
ScriptAliasMatch ^/?securecontrolpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi
ScriptAliasMatch ^/?securecpanel/?$ /usr/local/cpanel/cgi-sys/sredirect.cgi
ScriptAliasMatch ^/?securewhm/?$ /usr/local/cpanel/cgi-sys/swhmredirect.cgi
ScriptAliasMatch ^/?webmail(/.*|/?)$ /usr/local/cpanel/cgi-sys/wredirect.cgi
ScriptAliasMatch ^/?whm/?$ /usr/local/cpanel/cgi-sys/whmredirect.cgi
ScriptAliasMatch ^/Autodiscover/Autodiscover.xml /usr/local/cpanel/cgi-sys/autodiscover.cgi
ScriptAliasMatch ^/autodiscover/autodiscover.xml /usr/local/cpanel/cgi-sys/autodiscover.cgi

RewriteEngine on
AddType text/html .shtml

Alias /bandwidth /usr/local/bandmin/htdocs/
Alias /img-sys /usr/local/cpanel/img-sys/
Alias /java-sys /usr/local/cpanel/java-sys/
Alias /mailman/archives /usr/local/cpanel/3rdparty/mailman/archives/public/
Alias /pipermail /usr/local/cpanel/3rdparty/mailman/archives/public/
Alias /sys_cpanel /usr/local/cpanel/sys_cpanel/

ScriptAlias /cgi-sys /usr/local/cpanel/cgi-sys/
ScriptAlias /mailman /usr/local/cpanel/3rdparty/mailman/cgi-bin/

<Directory "/">
    AllowOverride All
    Options ExecCGI FollowSymLinks IncludesNOEXEC Indexes SymLinksIfOwnerMatch
</Directory>

<Directory "/usr/local/apache/htdocs">
    Options All
    AllowOverride None
    Require all granted
</Directory>

<Files ~ "^error_log$">
    Order allow,deny
    Deny from all

    Satisfy All
</Files>

<Files ".ht*">
    Require all denied
</Files>

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common

    CustomLog "logs/access_log" common

    <IfModule logio_module>
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>

</IfModule>

<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
</IfModule>

<Directory "/usr/local/apache/cgi-bin">
    AllowOverride None
    Options All
    Require all granted
</Directory>

<IfModule mime_module>
    TypesConfig conf/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
</IfModule>

<IfModule prefork.c>
    Mutex default mpm-accept

</IfModule>

<IfModule mod_log_config.c>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent

    CustomLog logs/access_log common

</IfModule>

<IfModule itk.c>
    Mutex default mpm-accept

</IfModule>

<IfModule worker.c>
    Mutex default mpm-accept

</IfModule>

PidFile /usr/local/apache/logs/httpd.pid
Listen 0.0.0.0:80
Listen [::]:80
User nobody
Group nobody
ExtendedStatus On
ServerAdmin user@gmail.com
ServerName wb01-development.example.com
LogLevel warn

# These can be set in WHM under 'Apache Global Configuration'
Timeout 300
TraceEnable On
ServerSignature Off
ServerTokens Full
FileETag All
StartServers 5
<IfModule prefork.c>
MinSpareServers 5
MaxSpareServers 10
</IfModule>
ServerLimit 256
MaxRequestWorkers 150
MaxConnectionsPerChild 10000
KeepAlive Off
KeepAliveTimeout 5
MaxKeepAliveRequests 100

RewriteEngine on
RewriteMap LeechProtect prg:/usr/local/cpanel/bin/leechprotect
Mutex file:/usr/local/apache/logs rewrite-map

# Set UserDir directory for all virtual hosts, except..
UserDir public_html
# when the following two modules are loaded
<IfModule mod_ruid2.c>
UserDir disabled
</IfModule>
<IfModule mpm_itk.c>
UserDir disabled
</IfModule>

# DirectoryIndex is set via the WHM -> Service Configuration -> Apache Setup -> DirectoryIndex Priority
DirectoryIndex index.html.var index.htm index.html index.shtml index.xhtml index.wml index.perl index.pl index.plx index.ppl index.cgi index.jsp index.js index.jp index.php4 index.php3 index.php index.phtml default.htm default.html home.htm index.php5 Default.html Default.htm home.html

# SSLCipherSuite can be set in WHM under 'Apache Global Configuration'
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLProtocol All -SSLv2 -SSLv3
SSLPassPhraseDialog  builtin

SSLUseStapling on
SSLStaplingCache shmcb:/usr/local/apache/logs/stapling_cache_shmcb(256000)
SSLStaplingReturnResponderErrors off
SSLStaplingErrorCacheTimeout 60
SSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data_shmcb(1024000)

SSLSessionCacheTimeout  300
Mutex                   file:/usr/local/apache/logs ssl-cache
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin



    Listen 0.0.0.0:443
    Listen [::]:443
    AddType application/x-x509-ca-cert .crt
    AddType application/x-pkcs7-crl .crl


AddHandler cgi-script .cgi .pl .plx .ppl .perl
AddHandler server-parsed .shtml
AddType text/html .shtml
AddType application/x-tar .tgz
AddType text/vnd.wap.wml .wml
AddType image/vnd.wap.wbmp .wbmp
AddType text/vnd.wap.wmlscript .wmls
AddType application/vnd.wap.wmlc .wmlc
AddType application/vnd.wap.wmlscriptc .wmlsc

<Location /whm-server-status>
    SetHandler server-status
    Order deny,allow
    Deny from all

    Allow from 127.0.0.1 ::1

</Location>



# SUEXEC is supported

Include "/usr/local/apache/conf/includes/account_suspensions.conf"
Include "/usr/local/apache/conf/includes/pre_virtualhost_global.conf"
Include "/usr/local/apache/conf/includes/pre_virtualhost_2.conf"

# DO NOT EDIT. AUTOMATICALLY GENERATED.  IF YOU NEED TO MAKE A CHANGE PLEASE USE THE INCLUDE FILES.
# DO NOT EDIT. AUTOMATICALLY GENERATED.  IF YOU NEED TO MAKE A CHANGE PLEASE USE THE INCLUDE FILES.

<VirtualHost 132.159.25.21:80>
    ServerName 132.159.25.21
    DocumentRoot /usr/local/apache/htdocs
    ServerAdmin user@gmail.com
    <IfModule mod_suphp.c>
        suPHP_UserGroup nobody nobody
    </IfModule>
</VirtualHost>


# Default vhost for unbound IPs

<VirtualHost *>
    ServerName wb01-development.example.com
    DocumentRoot /usr/local/apache/htdocs
    ServerAdmin user@gmail.com
    <IfModule mod_suphp.c>
        suPHP_UserGroup nobody nobody
    </IfModule>
</VirtualHost>

# DO NOT EDIT. AUTOMATICALLY GENERATED.  IF YOU NEED TO MAKE A CHANGE PLEASE USE THE INCLUDE FILES.

<VirtualHost 132.159.25.21:80>
  ServerName example.com
  ServerAlias www.example.com
  DocumentRoot /home/example/public_html
  ServerAdmin webmaster@example.com
  UseCanonicalName Off
  CustomLog /usr/local/apache/domlogs/example.com combined
  <IfModule log_config_module>
    <IfModule logio_module>
      CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    </IfModule>
  </IfModule>
  ## User example # Needed for Cpanel::ApacheConf
  <IfModule userdir_module>
    <IfModule !mpm_itk.c>
      <IfModule !ruid2_module>
        UserDir enabled example
      </IfModule>
    </IfModule>
  </IfModule>

  # Enable backwards compatible Server Side Include expression parser for Apache versions >= 2.4.
  # To selectively use the newer Apache 2.4 expression parser, disable SSILegacyExprParser in
  # the user's .htaccess file.  For more information, please read:
  #    http://httpd.apache.org/docs/2.4/mod/mod_include.html#ssilegacyexprparser
  <IfModule include_module>
    <Directory "/home/example/public_html">
      SSILegacyExprParser On
    </Directory>
  </IfModule>

  <IfModule suphp_module>
    suPHP_UserGroup example example
  </IfModule>
  <IfModule !mod_disable_suexec.c>
    <IfModule !mod_ruid2.c>
      SuexecUserGroup example example
    </IfModule>
  </IfModule>
  <IfModule ruid2_module>
    RMode config
    RUidGid example example
  </IfModule>
  <IfModule mpm_itk.c>
    # For more information on MPM ITK, please read:
    #   http://mpm-itk.sesse.net/
    AssignUserID example example
  </IfModule>

  <IfModule alias_module>
    ScriptAlias /cgi-bin/ /home/example/public_html/cgi-bin/
  </IfModule>

  # To customize this VirtualHost use an include file at the following location
  # Include "/usr/local/apache/conf/userdata/std/2_4/example/example.com/*.conf"
</VirtualHost>


<VirtualHost 132.159.25.21:443>
  ServerName example.com
  ServerAlias www.example.com
  DocumentRoot /home/example/public_html
  ServerAdmin webmaster@example.com
  UseCanonicalName Off
  CustomLog /usr/local/apache/domlogs/example.com combined
  <IfModule log_config_module>
    <IfModule logio_module>
      CustomLog /usr/local/apache/domlogs/example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    </IfModule>
  </IfModule>
  ## User example # Needed for Cpanel::ApacheConf
  <IfModule userdir_module>
    <IfModule !mpm_itk.c>
      <IfModule !ruid2_module>
        UserDir enabled example
      </IfModule>
    </IfModule>
  </IfModule>

  # Enable backwards compatible Server Side Include expression parser for Apache versions >= 2.4.
  # To selectively use the newer Apache 2.4 expression parser, disable SSILegacyExprParser in
  # the user's .htaccess file.  For more information, please read:
  #    http://httpd.apache.org/docs/2.4/mod/mod_include.html#ssilegacyexprparser
  <IfModule include_module>
    <Directory "/home/example/public_html">
      SSILegacyExprParser On
    </Directory>
  </IfModule>

  <IfModule suphp_module>
    suPHP_UserGroup example example
  </IfModule>
  <IfModule !mod_disable_suexec.c>
    <IfModule !ruid2_module>
      SuexecUserGroup example example
    </IfModule>
  </IfModule>
  <IfModule ruid2_module>
    RMode config
    RUidGid example example
  </IfModule>
  <IfModule mpm_itk.c>
    # For more information on MPM ITK, please read:
    #   http://mpm-itk.sesse.net/
    AssignUserID example example
  </IfModule>

  <IfModule alias_module>
    ScriptAlias /cgi-bin/ /home/example/public_html/cgi-bin/
  </IfModule>
  <IfModule ssl_module>
    SSLEngine on

    SSLCertificateFile /var/cpanel/ssl/installed/certs/_wildcard__example_com_c1ebe_c4ca7_1483487999_2becd0f081b8814a3dc006e99fb0f972.crt
    SSLCertificateKeyFile /var/cpanel/ssl/installed/keys/c1ebe_c4ca7_2d88c428bbeef56e18aa682d1b3a0ed2.key
    SSLCACertificateFile /var/cpanel/ssl/installed/cabundles/GeoTrust_Inc__1b5858b431d25fcb2b55fda3f4e11447_1653082610.cabundle
    CustomLog /usr/local/apache/domlogs/example.com-ssl_log combined
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    <Directory "/home/example/public_html/cgi-bin">
      SSLOptions +StdEnvVars
    </Directory>
  </IfModule>

  # To customize this VirtualHost use an include file at the following location
  # Include "/usr/local/apache/conf/userdata/ssl/2_4/example/example.com/*.conf"
</VirtualHost>

# DO NOT EDIT. AUTOMATICALLY GENERATED.  IF YOU NEED TO MAKE A CHANGE PLEASE USE THE INCLUDE FILES.

Include "/usr/local/apache/conf/userdata/std/2_4/example/node.example.com/example_node.conf"
Include "/usr/local/apache/conf/userdata/ssl/2_4/example/example.com/example_ssl_node.conf"

<VirtualHost 132.159.25.21:80 127.0.0.1:80>
    ServerName wb01-development.example.com

    ServerAlias cpanel.* whm.* webmail.* webdisk.* cpcalendars.* cpcontacts.*

    DocumentRoot /usr/local/apache/htdocs
    ServerAdmin user@gmail.com
    <IfModule mod_suphp.c>
        suPHP_UserGroup nobody nobody
    </IfModule>
    <Proxy "*">
        <IfModule mod_security2.c>
            SecRuleEngine Off
        </IfModule>
    </Proxy>
    RewriteEngine On
    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^cpanel.
    RewriteRule ^/(.*) http://127.0.0.1:2082/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^webmail.
    RewriteRule ^/(.*) http://127.0.0.1:2095/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^whm.
    RewriteRule ^/(.*) http://127.0.0.1:2086/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^webdisk.
    RewriteRule ^/(.*) http://127.0.0.1:2077/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^cpcalendars.
    RewriteRule ^/(.*) http://127.0.0.1:2079/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^cpcontacts.
    RewriteRule ^/(.*) http://127.0.0.1:2079/$1 [P]

    UseCanonicalName Off
</VirtualHost>


<VirtualHost 132.159.25.21:443 127.0.0.1:443>
    ServerName wb01-development.example.com

    ServerAlias cpanel.* whm.* webmail.* webdisk.* cpcalendars.* cpcontacts.*

    DocumentRoot /usr/local/apache/htdocs
    ServerAdmin user@gmail.com
    <IfModule mod_suphp.c>
        suPHP_UserGroup nobody nobody
    </IfModule>
    <Proxy "*">
        <IfModule mod_security2.c>
            SecRuleEngine Off
        </IfModule>
    </Proxy>
    RewriteEngine On
    <IfModule mod_ssl.c>
        SSLEngine on
        SSLProxyEngine On
        SSLProxyVerify none
        # Setting to Off for backwards-compatibility
        # Read for more info: http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslproxycheckpeercn
        SSLProxyCheckPeerCN Off
        SSLProxyCheckPeerName Off
        SSLProxyCheckPeerExpire Off
            SSLCertificateFile /var/cpanel/ssl/cpanel/cpanel.pem
        SSLCertificateKeyFile /var/cpanel/ssl/cpanel/cpanel.pem
        SSLCertificateChainFile /var/cpanel/ssl/cpanel/cpanel.pem
        SSLUseStapling Off

    </IfModule>
    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^cpanel.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2083/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^webmail.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2096/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^whm.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2087/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^webdisk.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2078/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^cpcalendars.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2080/$1 [P]

    RewriteCond %{HTTP_HOST} !^wb01-development.example.com$
    RewriteCond %{HTTP_HOST} ^cpcontacts.
    RewriteCond %{HTTPS} on
    RewriteRule ^/(.*) https://127.0.0.1:2080/$1 [P]

    UseCanonicalName Off
</VirtualHost>

Include "/usr/local/apache/conf/includes/post_virtualhost_global.conf"
Include "/usr/local/apache/conf/includes/post_virtualhost_2.conf"

/usr/local/apache/conf/userdata/ssl/2_4/example/example.com/example_ssl_node.conf

root@wb01-development [/home/example/public_html/node]# cat /usr/local/apache/conf/userdata/std/2_4/example/node.example.com/example_node.conf
<VirtualHost 132.159.25.21:80>
  ServerName node.example.com
  ServerAlias www.node.example.com
  DocumentRoot /home/example/public_html/node
  ServerAdmin webmaster@node.example.com
  UseCanonicalName Off

  ProxyRequests Off
  ProxyPreserveHost On
  ProxyVia Full

  ProxyPass / http://node.example.com:3030/
  ProxyPassReverse / http://node.example.com:3030/

  CustomLog /usr/local/apache/domlogs/node.example.com combined
  <IfModule log_config_module>
    <IfModule logio_module>
      CustomLog /usr/local/apache/domlogs/node.example.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
    </IfModule>
  </IfModule>
  ## User example # Needed for Cpanel::ApacheConf
  <IfModule userdir_module>
    <IfModule !mpm_itk.c>
      <IfModule !ruid2_module>
        UserDir enabled example
      </IfModule>
    </IfModule>
  </IfModule>

  <IfModule include_module>
    <Directory "/home/example/public_html/node">
      SSILegacyExprParser On
    </Directory>
  </IfModule>

  <IfModule suphp_module>
    suPHP_UserGroup example example
  </IfModule>
  <IfModule !mod_disable_suexec.c>
    <IfModule !mod_ruid2.c>
      SuexecUserGroup example example
    </IfModule>
  </IfModule>
  <IfModule ruid2_module>
    RMode config
    RUidGid example example
  </IfModule>
  <IfModule mpm_itk.c>
    # For more information on MPM ITK, please read:
    #   http://mpm-itk.sesse.net/
    AssignUserID example example
  </IfModule>

  <IfModule alias_module>
    ScriptAlias /cgi-bin/ /home/example/public_html/node/cgi-bin/
  </IfModule>

</VirtualHost>

错误快照:

enter image description here

任何人都可以指导https网址的问题

0 个答案:

没有答案