Apache2 - 如果没有 www,https 就无法工作

Apache2 - 如果没有 www,https 就无法工作

如果我们访问不带“www”的网站 ofornecedor.com.br/#/dashboard,则证书不起作用;但是,如果我们访问带有“www”的网站 www.ofornecedor.com.br/#/dashboard,则我们可以在 URL 中看到 https。

这个配置有什么问题?我的服务器在亚马逊上。

LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so
LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so
LoadModule proxy_wstunnel_module /usr/lib/apache2/modules/mod_proxy_wstunnel.so
LoadModule rewrite_module /usr/lib/apache2/modules/mod_rewrite.so
<VirtualHost *:80>
   ServerName ofornecedor.com.br
   ServerAlias www.ofornecedor.com.br

   ProxyPreserveHost On
   ProxyRequests Off
   ProxyPass / http://localhost:8080/
   ProxyPassReverse / http://localhost:8080/

RewriteEngine on

   RewriteCond %{HTTP:Upgrade} =websocket [NC]
   RewriteCond %{REQUEST_URI} /admin [NC]
   RewriteRule /admin/(.*) ws://exp:8080/admin/$1 [P,L]

   RewriteCond %{HTTP_HOST} !^ofornecedor\.com\.br$
   RewriteCond %{HTTP_HOST} !^$
   RewriteRule ^/(.*) https://ofornecedor.com.br/$1 [L,R]

</VirtualHost>

在此处输入图片描述


经过一番研究,我找到了这个配置。但由于某种原因,它仍然不起作用。

仍然无法使用 HTTPS 设置 Enonic XP

cat /home/xp/enonic/xp/config/com.enonic.xp.web.vhost.cfg

    enabled = true

    mapping.api.host = localhost
    mapping.api.source = /api
    mapping.api.target = /api

    mapping.a.host = ofornecedor.com.br
    mapping.a.source = /admin
    mapping.a.target = /admin
    mapping.a.userStore = system

    mapping.b.host = ofornecedor.com.br
    mapping.b.source = /
    mapping.b.target = /portal/master/ofornecedor

000-default.conf

    LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so

    <VirtualHost *:80>
      ServerName ofornecedor.com.br

      RewriteEngine on
      RewriteRule ^/(.*) https://ofornecedor.com.br/$1 [L,R=301,NE]
    </VirtualHost>

    <VirtualHost *:443>
      ServerName ofornecedor.com.br

      RequestHeader set X-Forwarded-Proto "https"

      SSLEngine on
      SSLCertificateFile /etc/letsencrypt/live/ofornecedor.com.br/cert.pem
      SSLCertificateKeyFile /etc/letsencrypt/live/ofornecedor.com.br/privkey.pem
      SSLCertificateChainFile /etc/letsencrypt/live/ofornecedor.com.br/chain.pem

      Header always set Strict-Transport-Security "max-age=15768000"

      ProxyRequests Off
      ProxyPreserveHost On

      ProxyPass / http://publicIp:8080/ timeout=5
      ProxyPass
    Reverse / http://publicIp:8080/ timeout=5

      RewriteEngine on

      RewriteCond %{HTTP:Upgrade} =websocket [NC]
      RewriteCond %{REQUEST_URI} /admin [NC]
      RewriteRule /admin/(.*) ws://publicIp:8080/admin/$1 [P,L]

      RewriteCond %{HTTP_HOST} !^ofornecedor\.com\.br$
      RewriteCond %{HTTP_HOST} !^$
      RewriteRule ^/(.*) https://ofornecedor.com.br/$1 [L,R]
    </VirtualHost>

    SSLProtocol all -SSLv3
    SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
    SSLHonorCipherOrder on

    SSLUseStapling on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off
    SSLStaplingCache shmcb:/var/run/ocsp(128000)

sudo service xp restart sudo service apache2 restart

sudo service xp status

● xp.service - SYSV: Enonic XP server daemon
   Loaded: loaded (/etc/init.d/xp; bad; vendor preset: enabled)
   Active: active (exited) since Sat 2019-05-11 12:51:13 UTC; 1min 24s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 2378 ExecStop=/etc/init.d/xp stop (code=exited, status=0/SUCCESS)
  Process: 2392 ExecStart=/etc/init.d/xp start (code=exited, status=0/SUCCESS)
    Tasks: 0
   Memory: 0B
      CPU: 0

May 11 12:51:13 ip-172-31-13-126 systemd[1]: Starting SYSV: Enonic XP server daemon...
May 11 12:51:13 ip-172-31-13-126 xp[2392]: Starting Enonic XP: xp....
May 11 12:51:13 ip-172-31-13-126 su[2397]: Successful su for xp by root
May 11 12:51:13 ip-172-31-13-126 su[2397]: + ??? root:xp
May 11 12:51:13 ip-172-31-13-126 su[2397]: pam_unix(su:session): session opened for user xp by (uid=0)
May 11 12:51:13 ip-172-31-13-126 xp[2392]: Enonic XP: xp started
May 11 12:51:13 ip-172-31-13-126 xp[2392]: ( with pid 2418 and exit code 0 )
May 11 12:51:13 ip-172-31-13-126 systemd[1]: Started SYSV: Enonic XP server daemon.

我得到的是默认的 apache 页面而不是应用程序。:sweat:

我在这里遗漏了什么?

答案1

请尝试改变这一点:

   RewriteCond %{HTTP_HOST} !^ofornecedor\.com\.br$
   重写条件 %{HTTP_HOST} !^$
   重写规则 ^/(.*) https://ofornecedor.com.br/$1 [L,R]

变成这样:

   RewriteEngine 开启
   RewriteCond %{SERVER_NAME} =www.ofornecedor.com.br [或]
   RewriteCond %{SERVER_NAME} =ofornecedor.com.br
   重写规则 ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]

相关内容