Apache-2.2

Apache SSL port redirect (8443 to 443)

  • August 12, 2014

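I have a Tomcat server (JIRA) working behind an Apache reverse proxy server (it took a while, but I got there). I am upgrading my old server and adding Apache to give me some extra functionality and security. The old server was accessed at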

https://example.com:8443

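I would like to be able to have Apache forward anyone who accesses the old address using port 8443 (i.e. from old bookmarks etc.) to https://example.com, but I am struggling to get it working. I can do the following: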

  • http://example.com -> https://example.com
  • http://example.com:8443 -> https://example.com

https://example.com:8443 generates an SSL connection error in Chrome. I'm a bit stuck. In httpd.conf I have

Listen 80
Listen 8443

In httpd-vhosts.conf I have

<VirtualHost *:80>
   ServerName example.com
   Redirect        /   https://example.com/
</VirtualHost>
<VirtualHost *:8443>
   ServerName example.com
   Redirect    /   https://example.com/
</VirtualHost>

In httpd-ssl.com I have

Listen 443
<VirtualHost *:443>
   ServerName example.com

   SSLEngine               On
   SSLCertificateFile      "C:\Program Files\Atlassian\JIRA\jre\server.crt"
   SSLCertificateKeyFile   "C:\Program Files\Atlassian\JIRA\jre\server.key"
   SSLProxyEngine      Off

   ProxyRequests       Off
   ProxyPreserveHost   On
   <Proxy *>
       Order deny,allow
       Allow from all
   </Proxy>

   ProxyPass           /   http://example.com:8080/
   ProxyPassReverse    /   http://example.com:8080/

</VirtualHost>

You still need to use SSL on port 8443 for the request to be read and responded to.

I use this in Apache with Jira. Note: I use /jira, configured in jira/conf/server.xml (see below). Also note proxyName="example.com"

<VirtualHost *:80>
       ServerName example.com
       Redirect permanent / https://example.com/jira/
</VirtualHost>

<VirtualHost *:443>

       ServerName example.com
       Redirect permanent / https://example.com/jira/
       <Proxy *>
               Order deny,allow
               Allow from all
       </Proxy>

       ProxyRequests Off
       ProxyPass /jira http://localhost:8080/jira
       ProxyPassReverse /jira http://localhost:8080/jira
       <Location />
               Order allow,deny
               Allow from all
       </Location>

       SSLEngine on
       SSLCertificateFile ....crt
       SSLCertificateKeyFile ....key
       SSLCertificateChainFile ....crt
</VirtualHost>

server.xml

<?xml version="1.0" encoding="utf-8"?>

<Server port="8005" shutdown="SHUTDOWN">

   <!--APR library loader. Documentation at /docs/apr.html -->
   <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>
   <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
   <Listener className="org.apache.catalina.core.JasperListener"/>
   <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>

   <Service name="Catalina">


       <Connector acceptCount="100"
                  connectionTimeout="20000"
                  disableUploadTimeout="true"
                  enableLookups="false"
                  maxHttpHeaderSize="8192"
                  maxThreads="150"
                  minSpareThreads="25"
                  port="8081"
                  protocol="HTTP/1.1"
                  redirectPort="8443"
                  useBodyEncodingForURI="true"/>

       <Connector acceptCount="100"
                  connectionTimeout="20000"
                  disableUploadTimeout="true"
                  enableLookups="false"
                  maxHttpHeaderSize="8192"
                  maxThreads="150"
                  minSpareThreads="25"
                  port="8080"
                  protocol="HTTP/1.1"
                  redirectPort="8443"
                  useBodyEncodingForURI="true"
                  scheme="https"
                  proxyName="example.com"
                  proxyPort="443"/>

       <Engine name="Catalina" defaultHost="localhost">
           <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

               <Context path="/jira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">

                   <Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction"
                             factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/>
                   <Manager pathname=""/>
               </Context>

           </Host>
           <Valve className="org.apache.catalina.valves.AccessLogValve" resolveHosts="false"
                  pattern="%a %{jira.request.id}r %{jira.request.username}r %t &quot;%m %U%q %H&quot; %s %b %D &quot;%{Referer}i&quot; &quot;%{User-Agent}i&quot; &quot;%{jira.request.assession.id}r&quot;"/>

       </Engine>
   </Service>
</Server>
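
The answer's point applied to the question's port 8443 virtual host, as an added example that is not part of the original question or answer. It assumes mod_ssl is loaded and reuses the certificate and key paths from the question's port 443 virtual host; the certificate must be valid for example.com, because the browser validates it before it ever sees the redirect.

```apache
# Added example: TLS-enabled redirect vhost for the legacy port.
Listen 8443

<VirtualHost *:8443>
    ServerName example.com

    # A browser opening https://example.com:8443 starts with a TLS handshake.
    # Without SSLEngine On, Apache treats those bytes as plain HTTP and the
    # handshake fails, which Chrome reports as an SSL connection error.
    SSLEngine               On
    # Assumption: same certificate and key as the question's *:443 vhost.
    SSLCertificateFile      "C:\Program Files\Atlassian\JIRA\jre\server.crt"
    SSLCertificateKeyFile   "C:\Program Files\Atlassian\JIRA\jre\server.key"

    # Only after the handshake completes can Apache read the request
    # and answer it with the redirect to the default HTTPS port.
    Redirect permanent / https://example.com/
</VirtualHost>
```

Once TLS is enabled on 8443, plain http://example.com:8443 requests no longer receive the redirect: Apache answers them with a 400 error, since a single port cannot serve both plain HTTP and TLS.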

Quoted from: https://serverfault.com/questions/619794