我在AWS上有2个linux实例,一个运行apache的web服务器,另一个运行tomcat的tomcat。 apache上的网站配置为通过https处理请求,内部请求通过http发送到tomcat。
到目前为止,我已经做过的事情,直到ssl,
1)在apache服务器上创建自签名证书。
2)在我的httpd.conf文件中安装并启用了mod_ssl模块
3)将我的域映射到所需的文档根目录,并映射到虚拟主机中所需的代理传递设置
该网站可通过https访问,但只要您单击一个对tomcat进行后端调用的链接,它就会失败。我已经浏览了网络并且已经玩了所有可能的配置更改,不知道是什么问题。
我的VirtualHost设置....
Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/opt/apache24/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
DocumentRoot "/opt/testapp/ui"
ServerName app.dev.testapp.dom.com
ErrorLog "/opt/testapp/logs/error_log"
TransferLog "/opt/testapp/logs/access_log"
SSLEngine on
SSLCertificateFile "/opt/testapp/certificate/testapi.crt"
SSLCertificateKeyFile "/opt/testapp/certificate/testapi.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache24/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/opt/apache24/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost _default_:443>
ServerName api.dev.testapp.dom.com
ErrorLog "/opt/testapp/logs/error_log"
TransferLog "/opt/testapp/logs/access_log"
SSLEngine on
SSLProxyEngine on
ProxyPass / http://ec2-100-100-100-100.compute-1.amazonaws.com:8080/testapi/
ProxyPassReverse / http://ec2-100-100-100-100.compute-1.amazonaws.com:8080/testapi/
SSLCertificateFile "/opt/testapp/certificate/testapi.crt"
SSLCertificateKeyFile "/opt/testapp/certificate/testapi.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache24/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/opt/apache24/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
&#13;