HTTPS 无法在 Ubuntu Server 14.04 LTS 和 Apache 2.4 上运行

tag-icon tag-icon 14.04 server https apache2.4
HTTPS 无法在 Ubuntu Server 14.04 LTS 和 Apache 2.4 上运行

好的,我已经尝试修复这个问题大约一周了,但找不到任何与我的情况足够相似的东西来修复。我使用的是全新安装的 Ubuntu 14.04 LTS,并且我已经在服务器上设置了所有内容,但出于某种原因,Apache 无法提供 HTTPS 请求。

更多信息:运行netstat -tulpn | grep apache显示以下内容:

tcp6       0      0 :::80                   :::*                    LISTEN   3680/apache2
tcp6       0      0 :::443                  :::*                    LISTEN   3680/apache2

所以它肯定在监听正确的端口。运行openssl s_client -connect <servername>:443 -showcerts显示它没有提供 HTTPS 请求:

CONNECTED(00000003)
140318680839840:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown     protocol:s23_clnt.c:795:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

这是我的vhost.conf:

<VirtualHost *:443>
    ServerAdmin nathan@<servername>.co.uk
    ServerName <servername>.co.uk
    ServerAlias www.<servername>.co.uk

    # FPM config
    ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/<servername>.co.uk/$1
    DirectoryIndex /index.php

    # TLS
    SSLEngine on
    SSLCertificateFile /etc/ssl/private/ssl-chain-mail-<servername>.co.uk.pem
    SSLCertificateKeyFile /etc/ssl/private/ssl-key-decrypted-mail-<servername>.co.uk.key

    DocumentRoot /var/www/<servername>.co.uk
    <Directory /var/www/<servername>.co.uk>
            DirectoryIndex index.php
            AllowOverride ALL
            Options All -Indexes
            Require all granted
            Require ssl

            # Rewrite
            RewriteBase /

    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/custom_error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

这是我的 error.log 的内容,它说它正在运行 openssl:

[Sat Feb 07 11:08:17.762312 2015] [mpm_event:notice] [pid 3680:tid 139763219974016] AH00491: caught SIGTERM, shutting down
[Sat Feb 07 11:08:18.843199 2015] [mpm_event:notice] [pid 4671:tid 140013857027968] AH00489: Apache/2.4.10 (Ubuntu) mod_gnutls/0.5.10 OpenSSL/1.0.1f configured -- resuming normal operations
[Sat Feb 07 11:08:18.843274 2015] [core:notice] [pid 4671:tid 140013857027968] AH00094: Command line: '/usr/sbin/apache2'

我确实启用了 ssl 模块ls -l /etc/apache2/mods-available::

lrwxrwxrwx 1 root root 36 Jan 29 09:59 access_compat.load -> ../mods-available/access_compat.load
lrwxrwxrwx 1 root root 28 Jan 29 09:59 alias.conf -> ../mods-available/alias.conf
lrwxrwxrwx 1 root root 28 Jan 29 09:59 alias.load -> ../mods-available/alias.load
lrwxrwxrwx 1 root root 33 Jan 29 09:59 auth_basic.load -> ../mods-available/auth_basic.load
lrwxrwxrwx 1 root root 33 Jan 29 09:59 authn_core.load -> ../mods-available/authn_core.load
lrwxrwxrwx 1 root root 33 Jan 29 09:59 authn_file.load -> ../mods-available/authn_file.load
lrwxrwxrwx 1 root root 33 Jan 29 09:59 authz_core.load -> ../mods-available/authz_core.load
lrwxrwxrwx 1 root root 33 Jan 29 09:59 authz_host.load -> ../mods-available/authz_host.load
lrwxrwxrwx 1 root root 33 Jan 29 09:59 authz_user.load -> ../mods-available/authz_user.load
lrwxrwxrwx 1 root root 32 Jan 29 09:59 autoindex.conf -> ../mods-available/autoindex.conf
lrwxrwxrwx 1 root root 32 Jan 29 09:59 autoindex.load -> ../mods-available/autoindex.load
lrwxrwxrwx 1 root root 30 Jan 29 09:59 deflate.conf -> ../mods-available/deflate.conf
lrwxrwxrwx 1 root root 30 Jan 29 09:59 deflate.load -> ../mods-available/deflate.load
lrwxrwxrwx 1 root root 26 Jan 29 09:59 dir.conf -> ../mods-available/dir.conf
lrwxrwxrwx 1 root root 26 Jan 29 09:59 dir.load -> ../mods-available/dir.load
lrwxrwxrwx 1 root root 26 Jan 29 09:59 env.load -> ../mods-available/env.load
lrwxrwxrwx 1 root root 29 Jan 29 09:59 filter.load -> ../mods-available/filter.load
lrwxrwxrwx 1 root root 29 Jan 31 12:19 gnutls.conf -> ../mods-available/gnutls.conf
lrwxrwxrwx 1 root root 29 Jan 31 12:19 gnutls.load -> ../mods-available/gnutls.load
lrwxrwxrwx 1 root root 27 Jan 29 09:59 mime.conf -> ../mods-available/mime.conf
lrwxrwxrwx 1 root root 27 Jan 29 09:59 mime.load -> ../mods-available/mime.load
lrwxrwxrwx 1 root root 32 Jan 29 09:59 mpm_event.conf -> ../mods-available/mpm_event.conf
lrwxrwxrwx 1 root root 32 Jan 29 09:59 mpm_event.load -> ../mods-available/mpm_event.load
lrwxrwxrwx 1 root root 34 Jan 29 09:59 negotiation.conf -> ../mods-available/negotiation.conf
lrwxrwxrwx 1 root root 34 Jan 29 09:59 negotiation.load -> ../mods-available/negotiation.load
lrwxrwxrwx 1 root root 28 Jan 29 10:28 proxy.conf -> ../mods-available/proxy.conf
lrwxrwxrwx 1 root root 33 Jan 29 10:28 proxy_fcgi.load -> ../mods-available/proxy_fcgi.load
lrwxrwxrwx 1 root root 28 Jan 29 10:28 proxy.load -> ../mods-available/proxy.load
lrwxrwxrwx 1 root root 30 Jan 29 10:21 rewrite.load -> ../mods-available/rewrite.load
lrwxrwxrwx 1 root root 31 Jan 29 09:59 setenvif.conf -> ../mods-available/setenvif.conf
lrwxrwxrwx 1 root root 31 Jan 29 09:59 setenvif.load -> ../mods-available/setenvif.load
lrwxrwxrwx 1 root root 36 Jan 30 16:48 socache_shmcb.load -> ../mods-available/socache_shmcb.load
lrwxrwxrwx 1 root root 26 Jan 30 16:48 ssl.conf -> ../mods-available/ssl.conf
lrwxrwxrwx 1 root root 26 Jan 30 16:48 ssl.load -> ../mods-available/ssl.load
lrwxrwxrwx 1 root root 29 Jan 29 09:59 status.conf -> ../mods-available/status.conf
lrwxrwxrwx 1 root root 29 Jan 29 09:59 status.load -> ../mods-available/status.load
lrwxrwxrwx 1 root root 34 Feb  7 10:41 vhost_alias.load -> ../mods-available/vhost_alias.load

现在使用Firefox浏览https://<servername>.co.uk失败,但访问可以正常访问(但显然不是使用 TLS)。日志文件中没有任何错误,vhost 肯定正在加载,但出于某种原因,Apache 拒绝向客户端提供 HTTPS。我是否缺少模块,或者我的配置中是否缺少某些东西?ssl_error_rx_record_too_longhttp://<servername>.co.uk:443

对于大量的数据转储表示抱歉,但我只是想提供尽可能多的有用信息!

相关内容