Question

Ubuntu 16.04 / ROS v1.3.0

我正在尝试配置我的ROS以使用安全的SSL连接。

如果我不对configuration.yml进行任何更改 - ROS很好。我可以像我期望的那样同步和使用仪表板。

我已经从Letsencrypt获得了SSL证书。我在独立模式下使用CertBot，这样我就不必安装或配置Nginx。（我的偏好是不安装另一个技术/层 - 保持清洁！）

我在此文件夹中存储了以下证书/密钥： /etc/letsencrypt/live/data.mydomain.net/cert.pem /etc/letsencrypt/live/data.mydomain.net/chain.pem /etc/letsencrypt/live/data.mydomain.net/fullchain.pem /etc/letsencrypt/live/data.mydomain.net/privkey.pem

我在configuration.yml启用HTTPS后，我无法启动ROS。

没有写入错误消息： /var/log/realm-object-server.log

以下是configuration.yml。

的代理部分的副本

  http:
    ## Whether or not to enable the HTTP proxy module. It enables multiplexing requests
    ## by forwarding incoming requests on a single port to all services.
    # enable: true

    ## The address/interface on which the HTTP proxy module should listen. This defaults
    ## to 127.0.0.1. If you wish to listen on all available interfaces,
    ## uncomment the following line.
    # listen_address: '::'

    ## The port that the HTTP proxy module should bind to.
    # listen_port: 9080

  https:
    ## Whether or not to enable the HTTPS proxy module. It enables multiplexing requests
    ## by forwarding incoming requests on a single port to all services.
    ## Note that even if it enabled, the HTTPS proxy will only start if supplied
    ## with a valid pair of certificates through certificate_path and private_key_path below.
    enable: true

    ## The path to the certificate and private keys (in PEM format) that will be used
    ## to set up the HTTPS server accepting connections.
    ## These configuration options are MANDATORY to start the HTTPS proxy module.
    certificate_path: '/etc/letsencrypt/live/data.mydomain.net/fullchain.pem'
    private_key_path: '/etc/letsencrypt/live/data.mydomain.net/privkey.pem'

    ## The address/interface on which the HTTPS proxy module should listen. This defaults
    ## to 127.0.0.1. If you wish to listen on all available interfaces,
    ## uncomment the following line.
    # listen_address: '::'

    ## The port that the HTTPS proxy module should bind to.
    listen_port: 9443

正如我所说。问题似乎是，一旦我配置HTTPS，ROS服务器就无法启动。如果我禁用HTTPS，则ROS服务器启动时没有问题。

我认为ROS无法启动的原因是 - 如果我从终端尝试curl 127.0.0.1:9080或curl 127.0.0.1:9443，我会收到消息curl: (7) Failed to connect to 127.0.0.1 port 9443: Connection refused

我很想听听你的想法/想法/建议，告诉我如何让它发挥作用。干杯。伊恩

Answer 1

感谢用户@Radu - 答案是权限。

$id = 5; $vector = array(); $kelas = array(); $arrayVector = array(); $a = mysqli_query($db, "SELECT id_comment, GROUP_CONCAT(`weight`, SEPARATOR ', ') as weight_grouped, kelas FROM data_latih_model WHERE id_comment BETWEEN 1 AND $i")or die("Error : ".mysqli_error($db)); while ($b = mysqli_fetch_assoc($a)) { $arrayVector[] = array($b['id_comment'] => $b['weight_grouped']); $kelas[] = $b['kelas']; }用户无权读取.pem文件。

我从这个答案中找到答案。 Https Proxy for Realm Object Server not working

@Radu - 是男人！

领域对象服务器 - SSL配置导致ROS无法启动

1 个答案: