Ssl
名稱或服務未知:AH00547:無法解析主機名
連接到我的個人網站時,我收到
SSL_ERROR_RX_RECORD_TOO_LONG
來自 Mozilla Firefox 的錯誤消息:Secure Connection Failed An error occurred during a connection to www.fturco.net. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
我的網站託管在 VPS 伺服器上,但我試圖從家裡的個人電腦訪問它。
此錯誤消息僅在我重新啟動 VPS 伺服器後立即發生。啟動後,如果我重新啟動
httpd.service
問題就消失了。這些是來自的相關消息
/var/log/httpd/error_log
:[Sat Sep 10 15:15:18.285512 2016] [core:error] [pid 228] (EAI 2)Name or service not known: AH00547: Could not resolve host name www.fturco.net -- ignoring! [Sat Sep 10 15:15:18.289488 2016] [core:error] [pid 228] (EAI 2)Name or service not known: AH00547: Could not resolve host name tt-rss.fturco.net -- ignoring! [Sat Sep 10 15:15:18.289571 2016] [core:error] [pid 228] (EAI 2)Name or service not known: AH00547: Could not resolve host name shaarli.fturco.net -- ignoring! [Sat Sep 10 15:15:18.312224 2016] [mpm_prefork:notice] [pid 228] AH00163: Apache/2.4.23 (Unix) OpenSSL/1.0.2h PHP/7.0.10 configured -- resuming normal operations [Sat Sep 10 15:15:18.312625 2016] [core:notice] [pid 228] AH00094: Command line: '/usr/bin/httpd -D FOREGROUND'
這是我的 Apache 配置(
/etc/httpd/conf/httpd.conf
):LoadModule ssl_module modules/mod_ssl.so LoadModule php7_module modules/libphp7.so LoadModule unixd_module modules/mod_unixd.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so LoadModule mpm_prefork_module modules/mod_mpm_prefork.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule dir_module modules/mod_dir.so LoadModule headers_module modules/mod_headers.so ServerRoot "/etc/httpd" Listen 443 ServerAdmin fturco@fastmail.fm ServerName fturco.net DocumentRoot "/srv/http" <IfModule dir_module> DirectoryIndex index.html index.php </IfModule> <IfModule unixd_module> User http Group http </IfModule> <Directory "/"> AllowOverride None </Directory> <Directory "/srv/http/"> Require all granted </Directory> <Directory ~ "/srv/http/shaarli/(application|cache|data|pagecache|tmp)/"> Require all denied </Directory> <Directory "/srv/http/tt-rss/cache/"> Require all denied </Directory> ErrorLog "/var/log/httpd/error_log" LogLevel warn <IfModule log_config_module> TransferLog "/var/log/httpd/access_log" </IfModule> <IfModule mime_module> TypesConfig conf/mime.types AddType application/x-httpd-php .php </IfModule> SSLCertificateFile "/etc/letsencrypt/live/fturco.net/cert.pem" SSLCertificateKeyFile "/etc/letsencrypt/live/fturco.net/privkey.pem" SSLCertificateChainFile "/etc/letsencrypt/live/fturco.net/chain.pem" SSLSessionCache "shmcb:/some/example/path/ssl_scache(512000)" <VirtualHost www.fturco.net:443> ServerName www.fturco.net:443 DocumentRoot "/srv/http/www" ErrorLog "/var/log/httpd/www/error_log" TransferLog "/var/log/httpd/www/access_log" SSLEngine on </VirtualHost> <VirtualHost tt-rss.fturco.net:443> ServerName tt-rss.fturco.net:443 DocumentRoot "/srv/http/tt-rss" ErrorLog "/var/log/httpd/tt-rss/error_log" TransferLog "/var/log/httpd/tt-rss/access_log" SSLEngine on </VirtualHost> <VirtualHost shaarli.fturco.net:443> ServerName shaarli.fturco.net:443 DocumentRoot "/srv/http/shaarli" ErrorLog "/var/log/httpd/shaarli/error_log" TransferLog "/var/log/httpd/shaarli/access_log" SSLEngine on </VirtualHost> <IfModule headers_module> Header always set Strict-Transport-Security "max-age=15768000" </IfModule> SSLProtocol All -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 SSLHonorCipherOrder on SSLCompression off SSLSessionTickets off SSLUseStapling on SSLStaplingResponderTimeout 5 SSLStaplingReturnResponderErrors off SSLStaplingCache "shmcb:/var/run/ocsp(128000)"
這是我的
/etc/hosts
文件:127.0.0.1 localhost vps
命令
hostname
返回vps
。我的 VPS 伺服器執行 Arch Linux 和
apache-2.4.23-1
.我該如何解決這個問題?
似乎
VirtualHost
指令是錯誤的。正確的方法是:<VirtualHost *:443> ServerName www.fturco.net DocumentRoot "/srv/http/www" ErrorLog "/var/log/httpd/www/error_log" TransferLog "/var/log/httpd/www/access_log" SSLEngine on </VirtualHost>
唯一的區別在於前兩行。
感謝來自 Freenode 上#httpd 的使用者 BtbN。