Question

我在AWS上有2个linux实例，一个运行apache的web服务器，另一个运行tomcat的tomcat。 apache上的网站配置为通过https处理请求，内部请求通过http发送到tomcat。

到目前为止，我已经做过的事情，直到ssl，

1）在apache服务器上创建自签名证书。

2）在我的httpd.conf文件中安装并启用了mod_ssl模块

3）将我的域映射到所需的文档根目录，并映射到虚拟主机中所需的代理传递设置

该网站可通过https访问，但只要您单击一个对tomcat进行后端调用的链接，它就会失败。我已经浏览了网络并且已经玩了所有可能的配置更改，不知道是什么问题。

我的VirtualHost设置....

＆＃13;

Listen 443
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLHonorCipherOrder on 
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog  builtin
SSLSessionCache        "shmcb:/opt/apache24/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

<VirtualHost _default_:443>

DocumentRoot "/opt/testapp/ui"
ServerName app.dev.testapp.dom.com

ErrorLog "/opt/testapp/logs/error_log"
TransferLog "/opt/testapp/logs/access_log"

SSLEngine on
SSLCertificateFile "/opt/testapp/certificate/testapi.crt"
SSLCertificateKeyFile "/opt/testapp/certificate/testapi.key"

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache24/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog "/opt/apache24/logs/ssl_request_log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


</VirtualHost>                                  


<VirtualHost _default_:443>

ServerName api.dev.testapp.dom.com
ErrorLog "/opt/testapp/logs/error_log"
TransferLog "/opt/testapp/logs/access_log"

SSLEngine on
SSLProxyEngine on

ProxyPass / http://ec2-100-100-100-100.compute-1.amazonaws.com:8080/testapi/
ProxyPassReverse / http://ec2-100-100-100-100.compute-1.amazonaws.com:8080/testapi/

SSLCertificateFile "/opt/testapp/certificate/testapi.crt"
SSLCertificateKeyFile "/opt/testapp/certificate/testapi.key"

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/opt/apache24/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-5]" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog "/opt/apache24/logs/ssl_request_log" \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

＆＃13;

Apache HTTPS与Tomcat http连接无法正常工作

0 个答案: