ssl 配置后，节点的 Bitnami 代理不起作用

Question

我使用 bitnami 的节点图像在 AWS Lightsail 上创建了一个实例。

我安装并启动了我的应用程序，根据我找到的指南配置了所有内容，例如：host public node js website on amazon AWS LightSail without Bitnami

由于某种原因，我没有bitnami-apps-prefix.conf，所以我创建了它，然后将它包含在/opt/bitnami/apache2/conf/bitnami/bitnami.conf 中。 重新启动 Apache，它工作正常。

之后，我使用提供的 bncert-tool 安装了 ssl 证书。添加证书后，我的域具有 ssl 但我无法再访问我的应用程序，我得到默认页面，与实例启动后立即得到的页面相同：

我检查了一下，似乎bitnami.conf 仍然包含我添加的bitnami-apps-prefix.conf 我尝试在虚拟主机中添加代理作为第一件事，但它没有帮助。

这是我的/opt/bitnami/apache2/conf/bitnami/bitnami.conf 文件：

# Default Virtual Host configuration.

# Let Apache know we're behind a SSL reverse proxy
SetEnvIf X-Forwarded-Proto https HTTPS=on

<VirtualHost _default_:80>
  DocumentRoot "/opt/bitnami/apache/htdocs"
  # BEGIN: Configuration for letsencrypt
  Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
  # END: Configuration for letsencrypt
  # BEGIN: Support domain renewal when using mod_proxy without Location
  <IfModule mod_proxy.c>
    ProxyPass /.well-known !
  </IfModule>
  # END: Support domain renewal when using mod_proxy without Location
  # BEGIN: Enable HTTP to HTTPS redirection
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+(:[0-9]+)?$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  # END: Enable HTTP to HTTPS redirection
  <Directory "/opt/bitnami/apache/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
  </Directory>

  # Error Documents
  ErrorDocument 503 /503.html
  #Bitnami applications installed with a prefix URL (default)
  Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
  # BEGIN: Support domain renewal when using mod_proxy within Location
  <Location /.well-known>
    <IfModule mod_proxy.c>
      ProxyPass !
    </IfModule>
  </Location>
  # END: Support domain renewal when using mod_proxy within Location
</VirtualHost>

Include "/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf"

我在这里缺少什么？为什么请求没有重定向到我的应用程序？

Answer 1

我必须添加Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf" 到/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf。

不知道为什么它首先丢失，从文档中我知道它应该是开箱即用的。

Answer 2

这里是 Bitnami 工程师，

您似乎没有遵循 Bitnami 文档。如果你看一下，在实例中配置 VirtualHost 有不同的步骤。

https://docs.bitnami.com/aws/infrastructure/nodejs/administration/create-custom-application-nodejs/#step-3-serve-your-application-through-the-apache-web-server

您可以复制我们在实例中生成的文件

sudo cp /opt/bitnami/apache/conf/vhosts/sample-http-vhost.conf.disabled /opt/bitnami/apache/conf/vhosts/sample-http-vhost.conf
sudo cp /opt/bitnami/apache/conf/vhosts/sample-https-vhost.conf.disabled /opt/bitnami/apache/conf/vhosts/sample-https-vhost.conf

或生成具有以下内容的文件

• /opt/bitnami/apache/conf/vhosts/myapp-http-vhost.conf

<VirtualHost _default_:80>
  ServerAlias *
  DocumentRoot "/opt/bitnami/projects/myapp/public"
  <Directory "/opt/bitnami/projects/myapp/public">
    Require all granted
  </Directory>
  ProxyPass / http://localhost:3000/
  ProxyPassReverse / http://localhost:3000/
</VirtualHost>

• /opt/bitnami/apache/conf/vhosts/myapp-https-vhost.conf

<VirtualHost _default_:443>
  ServerAlias *
  SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache/conf/bitnami/certs/server.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache/conf/bitnami/certs/server.key"
  DocumentRoot "/opt/bitnami/projects/myapp"
  <Directory "/opt/bitnami/projects/myapp">
    Require all granted
  </Directory>
  ProxyPass / http://localhost:3000/
  ProxyPassReverse / http://localhost:3000/
</VirtualHost>

您需要稍后重新启动 Apache

sudo /opt/bitnami/ctlscript.sh restart apache