Apache proxypass https 到 https

【问题标题】:Apache proxypass https to httpsApache proxypass https 到 https
【发布时间】:2015-11-22 16:12:22
【问题描述】:

这是我厌倦的工作:

  1. 浏览器-internet-> https(Apache proxypass)-intranet->(Apache https)
  2. 两个 Apache 都安装了 ssl 证书。(startssl 宽卡,非自签名)

Apache 错误日志:

[client 192.168.2.157] SSL Proxy requested for test.xxx.com:443 but not enabled [Hint: SSLProxyEngine]

[error] proxy: HTTPS: failed to enable ssl support for 192.168.2.157:443 (test.xxx.com)

然后我尝试使用 apache(在互联网上)代理到 https://google.com 并且错误日志是一样的。

但是,https 到 http 可以。 浏览器-internet-> https(Apache proxypass)-intranet->(Apache http)

我的配置:

<VirtualHost  *:443>
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/xxx_com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/xxx_com.key
    SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
    ProxyPreserveHost On
    ProxyRequests Off
    ProxyVia Off
    AllowEncodedSlashes NoDecode
    <Proxy *>
    Order deny,allow
    Allow from all
    </Proxy>
    ProxyPass  /       https://2w.xxx.com/
    ProxyPassReverse   /       https://2w.xxx.com/
    ServerName test.xxx.com
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set X-Forwarded-Port "443"
    ErrorLog "/var/log/apache2/error-ssl.log"
</VirtualHost>

或者:

<VirtualHost  *:443>
    ProxyPass  /       https://google.com/
    ProxyPassReverse   /       https://google.com/
    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/xxx_com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/xxx_com.key
    SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
    ServerName test.xxx.com
</VirtualHost>

似乎 apache 无法处理 https 到 https? 如果 apache 不支持这个 nginx 呢?

【问题讨论】:

    标签: apache ssl https proxy


    【解决方案1】:

    您应该设置“SSLProxyEngine On”。以下是我的示例,可能会给您任何想法。

    <VirtualHost *:443>
    SSLEngine On
    SSLProxyEngine On
    ServerName my.example.com:443
    SSLCertificateFile "${SRVROOT}/conf/ssl/example.pem"
    SSLCertificateKeyFile "${SRVROOT}/conf/ssl/example.key"
    ErrorLog "|bin/rotatelogs.exe -l /var/logs/apache/example/error.%Y-%m-%d.log 86400"
    CustomLog "|bin/rotatelogs.exe -l /var/logs/apache/example/ssl_request.%Y-%m-%d.log 86400" \
        "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    ProxyRequests Off
    ProxyPass / https://www.google.com/
    <Location />
        ProxyPassReverse /

        Options FollowSymLinks
        Require all granted
    </Location>   
</VirtualHost>

    【讨论】:

      猜你喜欢
      • 2016-04-24
      • 2011-08-18
      • 2018-05-22
      • 2021-05-16
      • 2014-05-25
      • 2013-08-28
      • 2018-08-03
      • 2017-09-28
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode