Apache-2.2
Apache SSL 埠重定向(8443 到 443)
我有一個 Tomcat 伺服器 (JIRA) 在 Apache 反向代理伺服器後面工作(花了一段時間,但我到了那裡)。我正在升級我的舊伺服器並添加 Apache 來為我提供一些額外的功能和安全性。舊伺服器被訪問
https://example.com:8443
我希望能夠讓 Apache 轉發任何使用埠 8443 訪問舊地址的人(即來自舊書籤等),
https://example.com
但我正在努力讓它工作。我可以做到以下幾點
http://example.com
->https://example.com
http://example.com:8443
->https://example.com
但
https://example.com:8443
在 Chrome 中生成 SSL 連接錯誤。我有點卡住了。在 httpd.conf 我有Listen 80 Listen 8443
在 httpd-vhosts.conf 我有
<VirtualHost *:80> ServerName example.com Redirect / https://example.com/ </VirtualHost> <VirtualHost *:8443> ServerName example.com Redirect / https://example.com/ </VirtualHost>
在 httpd-ssl.com 我有
Listen 443 <VirtualHost *:443> ServerName example.com SSLEngine On SSLCertificateFile "C:\Program Files\Atlassian\JIRA\jre\server.crt" SSLCertificateKeyFile "C:\Program Files\Atlassian\JIRA\jre\server.key" SSLProxyEngine Off ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://example.com:8080/ ProxyPassReverse / http://example.com:8080/ </VirtualHost>
您仍然需要在埠 8443 上使用 SSL 才能讀取請求並做出響應。
我在 apache 中將它與 Jira 一起使用。注意:我使用在 jira/conf/server.xml 中配置的 /jira(見下文)。另請注意 proxyName=“example.com”
<VirtualHost *:80> ServerName example.com Redirect permanent / https://example.com/jira/ </VirtualHost> <VirtualHost *:443> ServerName example.com Redirect permanent / https://example.com/jira/ <Proxy *> Order deny,allow Allow from all </Proxy> ProxyRequests Off ProxyPass /jira http://localhost:8080/jira ProxyPassReverse /jira http://localhost:8080/jira <Location /> Order allow,deny Allow from all </Location> SSLEngine on SSLCertificateFile ....crt SSLCertificateKeyFile ....key SSLCertificateChainFile ....crt </VirtualHost>
伺服器.xml
<?xml version="1.0" encoding="utf-8"?> <Server port="8005" shutdown="SHUTDOWN"> <!--APR library loader. Documentation at /docs/apr.html --> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/> <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html --> <Listener className="org.apache.catalina.core.JasperListener"/> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/> --> <Service name="Catalina"> <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8081" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true"/> <Connector acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8080" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" proxyName="example.com" proxyPort="443"/> <Engine name="Catalina" defaultHost="localhost"> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"> <Context path="/jira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true"> <Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction" factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/> <Manager pathname=""/> </Context> </Host> <Valve className="org.apache.catalina.valves.AccessLogValve" resolveHosts="false" pattern="%a %{jira.request.id}r %{jira.request.username}r %t "%m %U%q %H" %s %b %D "%{Referer}i" "%{User-Agent}i" "%{jira.request.assession.id}r""/> </Engine> </Service> </Server>