我正在尝试按照这些文档将SSL证书安装到单个实例tomcat:http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-tomcat.html
EBS正在正确选择配置文件,但命令killall httpd未能说明没有已知的 httpd 进程。
tomcat的标准AMI是否运行Apache?我错过了什么?
这是错误:
应用程序更新在2016-09-12T18:07:04Z失败,退出状态为1 和错误:container_command killhttpd in .ebextensions / https-instance.config失败。+ + httpd:找不到进程。
以下是我作为配置文件的内容:
packages:
yum:
mod_ssl : []
files:
/etc/httpd/conf.d/ssl.conf:
mode: "000644"
owner: root
group: root
content: |
LoadModule ssl_module modules/mod_ssl.so
Listen 443
<VirtualHost *:443>
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
SSLEngine on
SSLCertificateFile "/etc/pki/tls/certs/server.crt"
SSLCertificateKeyFile "/etc/pki/tls/certs/server.key"
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
ProxyPass / http://localhost:8443/ retry=0
ProxyPassReverse / http://localhost:8443/
ProxyPreserveHost on
</VirtualHost>
/etc/pki/tls/certs/server.crt:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
/etc/pki/tls/certs/server.key:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
container_commands:
killhttpd:
command: "killall httpd"
waitforhttpddeath:
command: "sleep 3"
如果我完全删除容器命令没有任何变化。无法访问HTTPS。我确实在实例上打开了443端口。