我的 Apache 服务器在端口 80 上正常运行。
当我尝试在端口 443 上启用 SSL 时,我可以通过本地主机(telnet localhost 443)连接,但不能通过 IP 地址(telnet xxx.xxx.xxx.xxx 443)连接。
为了找出问题所在,我采用了默认的 80 端口配置,并将引用更改为 443 端口。结果相同。改回 80 后,一切正常。
这让我认为这是防火墙问题,而不是配置问题。但我没有防火墙规则。
此外,此站点正在 Virtualbox 下使用相同 Linux 版本 12.04 Precise 64 位的虚拟机上运行。我将 /etc/apache2 目录打包并放在 Amazon EC2 实例上,得到了所描述的行为 - 端口 80 有效,443 仅限本地主机。
我不是专家,但也不是新手。困惑了半天,想着是时候联系一下了,也许其他人可以提供帮助/受益。我是不是错过了一些简单的东西,或者我需要做些什么新事情来打开端口 443?
端口.conf:
NameVirtualHost *:80
Listen 80
Listen 443
已启用站点中的默认 SSL
<VirtualHost *:443>
ServerName mysite.mydomain.com:443
... more irrelevant stuff
注意,如果我只启用 default-ssl 并将 443 更改为 80,它就可以正常工作
所以,这让我认为 Apache 配置没有问题,但防火墙存在问题。但我没有启用防火墙。
ubuntu@ip-xx-xx-xx-xx:/etc/apache2/sites-enabled$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
nmap localhost 与 IP 地址
sudo nmap -sT -O -PN xx.xx.xx.xx
Starting Nmap 5.21 ( http://nmap.org ) at 2013-07-30 13:53 EDT
Nmap scan report for ec2-xx-xx-xx-xxx.compute-1.amazonaws.com (xx.xx.xx.xx)
Host is up (0.0013s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp closed smtp
80/tcp open http
3306/tcp closed mysql
Device type: general purpose
Running (JUST GUESSING) : Linux 2.6.X (85%)
Aggressive OS guesses: Linux 2.6.15 - 2.6.26 (85%)
No exact OS matches for host (test conditions non-ideal).
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 9.56 seconds
ubuntu@ip-10-68-23-145:/etc/apache2/sites-enabled$ sudo nmap -sT -O -PN localhost
nmap 本地主机
Starting Nmap 5.21 ( http://nmap.org ) at 2013-07-30 13:53 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000047s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
3306/tcp open mysql
9418/tcp open git
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ).
TCP/IP fingerprint:
OS:SCAN(V=5.21%D=7/30%OT=22%CT=1%CU=42076%PV=N%DS=0%DC=L%G=Y%TM=51F7FD9D%P=
OS:x86_64-unknown-linux-gnu)SEQ(SP=FD%GCD=1%ISR=10E%TI=Z%CI=Z%II=I%TS=8)OPS
OS:(O1=M400CST11NW5%O2=M400CST11NW5%O3=M400CNNT11NW5%O4=M400CST11NW5%O5=M40
OS:0CST11NW5%O6=M400CST11)WIN(W1=8000%W2=8000%W3=8000%W4=8000%W5=8000%W6=80
OS:00)ECN(R=Y%DF=Y%T=40%W=8018%O=M400CNNSNW5%CC=Y%Q=)T1(R=Y%DF=Y%T=40%S=O%A
OS:=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%
OS:Q=)T5(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y%T=40%W=0%S=
OS:A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)U1(R=
OS:Y%DF=N%T=40%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE(R=Y%DFI=N%
OS:T=40%CD=S)
Network Distance: 0 hops
OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.70 seconds
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 12.04.2 LTS
Release: 12.04
Codename: precise
答案1
请检查您的安全组亚马逊 EC2如果没有 443 端口规则,请添加一条。