Apache-2.4

我需要做什麼才能讓 ProxyPass 指令註冊?

  • August 23, 2021

我正在嘗試在 Apache 2.4.38 (Debian) 下通過 SSL 安裝 MyCollab CE。目前我看到 ProxyPass 無法辨識。我有:

ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/

當我嘗試載入 HTTPS 代理時,它給出 500 並且錯誤日誌文件不存在。

我完整的 …le-ssl.conf 文件讀取,mmildly sanitized:

<IfModule mod_ssl.c>
<VirtualHost *:443>
   ServerName [FQDN]
   ServerAlias [FQDN]
   DocumentRoot /home/christos/foo
   ErrorLog /var/log/apache2/foo_error.log
   CustomLog /var/log/apache2/foo_access.log combined
   ServerAdmin [email]
   <Directory />
       Options FollowSymLinks
       AllowOverride None
   </Directory>
   <Directory /home/christos/foo/>
       Options ExecCGI Indexes FollowSymLinks MultiViews
       AllowOverride None
       Order allow,deny
       allow from all
   </Directory>
   ErrorLog ${APACHE_LOG_DIR}/mycollab.error.log
   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel warn
   CustomLog ${APACHE_LOG_DIR}/access.log combined
   Alias /doc/ "/usr/share/doc/"
   <Directory "/usr/share/doc/">
       Options Indexes MultiViews FollowSymLinks
       AllowOverride None
       Order deny,allow
       Deny from all
       Allow from 127.0.0.0/255.0.0.0 ::1/128
   </Directory>
   ProxyPass / http://localhost:8080/
   ProxyPassReverse / http://localhost:8080/

SSLCertificateFile /etc/letsencrypt/live/[FQDN]/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/[FQDN]/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

我啟用了 ssl 和代理。

我該怎麼做才能使通過 HTTPS 的訪問在 SSL 下出現與通過 8080 直接連接相同的內容?

更新

我設置了警告的 LogLevel。在另一次(單次)嘗試載入首頁並指定 SSLEngine On 和 SSLProxyEngine on 之後,我在日誌中得到以下內容:

[Sun Aug 22 16:28:47.065003 2021] [socache_shmcb:debug] [pid 28984] mod_socache_shmcb.c(495): AH00831: socache_shmcb_store (0xb0 -> subcache 16)
[Sun Aug 22 16:28:47.065086 2021] [socache_shmcb:debug] [pid 28984] mod_socache_shmcb.c(849): AH00847: insert happened at idx=0, data=(0:32)
[Sun Aug 22 16:28:47.065091 2021] [socache_shmcb:debug] [pid 28984] mod_socache_shmcb.c(854): AH00848: finished insert, subcache: idx_pos/idx_used=0/1, data_pos/data_used=0/210
[Sun Aug 22 16:28:47.065094 2021] [socache_shmcb:debug] [pid 28984] mod_socache_shmcb.c(516): AH00834: leaving socache_shmcb_store successfully
[Sun Aug 22 16:28:47.067256 2021] [socache_shmcb:debug] [pid 28983] mod_socache_shmcb.c(495): AH00831: socache_shmcb_store (0x2e -> subcache 14)
[Sun Aug 22 16:28:47.067316 2021] [socache_shmcb:debug] [pid 28983] mod_socache_shmcb.c(849): AH00847: insert happened at idx=2, data=(412:444)
[Sun Aug 22 16:28:47.067321 2021] [socache_shmcb:debug] [pid 28983] mod_socache_shmcb.c(854): AH00848: finished insert, subcache: idx_pos/idx_used=0/3, data_pos/data_used=0/622
[Sun Aug 22 16:28:47.067325 2021] [socache_shmcb:debug] [pid 28983] mod_socache_shmcb.c(516): AH00834: leaving socache_shmcb_store successfully
[Sun Aug 22 16:28:47.165562 2021] [ssl:debug] [pid 28984] ssl_engine_kernel.c(383): [client 73.74.173.201:51057] AH02034: Initial (No.1) HTTPS request received for child 8 (server [FQDN]:443)
[Sun Aug 22 16:28:47.165668 2021] [authz_core:debug] [pid 28984] mod_authz_core.c(846): [client 73.74.173.201:51057] AH01628: authorization result: granted (no directives)
[Sun Aug 22 16:28:47.165717 2021] [proxy:debug] [pid 28984] mod_proxy.c(1249): [client 73.74.173.201:51057] AH01143: Running scheme http handler (attempt 0)
[Sun Aug 22 16:28:47.165723 2021] [proxy:warn] [pid 28984] [client 73.74.173.201:51057] AH01144: No protocol handler was valid for the URL / (scheme 'http'). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
[Sun Aug 22 16:28:47.165894 2021] [ssl:debug] [pid 28984] ssl_engine_io.c(1106): [client 73.74.173.201:51057] AH02001: Connection closed to child 8 with standard shutdown (server [FQDN]:443)
[Sun Aug 22 16:28:47.379646 2021] [ssl:debug] [pid 28983] ssl_engine_kernel.c(383): [client 73.74.173.201:51058] AH02034: Initial (No.1) HTTPS request received for child 7 (server [FQDN]:443), referer: https://[FQDN]/
[Sun Aug 22 16:28:47.379784 2021] [authz_core:debug] [pid 28983] mod_authz_core.c(846): [client 73.74.173.201:51058] AH01628: authorization result: granted (no directives), referer: https://[FQDN]/
[Sun Aug 22 16:28:47.379842 2021] [proxy:debug] [pid 28983] mod_proxy.c(1249): [client 73.74.173.201:51058] AH01143: Running scheme http handler (attempt 0), referer: https://[FQDN]/
[Sun Aug 22 16:28:47.379850 2021] [proxy:warn] [pid 28983] [client 73.74.173.201:51058] AH01144: No protocol handler was valid for the URL /favicon.ico (scheme 'http'). If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule., referer: https://[FQDN]/
[Sun Aug 22 16:28:47.380069 2021] [ssl:debug] [pid 28983] ssl_engine_io.c(1106): [client 73.74.173.201:51058] AH02001: Connection closed to child 7 with standard shutdown (server [FQDN]:443)

從你正在寫的(或者更確切地說:不寫)模組proxy_http可能會失去。

您可以執行apache2ctl -M以查看已載入的模組。

嘗試添加以下內容。如果您的後端不使用 SSL,您可能不需要第二個。

SSLEngine 開啟

SSLProxyEngine 開啟

如果您沒有收到錯誤日誌,請檢查日誌位置的文件權限並確保執行 apache 的使用者具有權限。收到錯誤日誌後,故障排除會更容易。

引用自:https://serverfault.com/questions/1075230