我确实有一个“简单”的问题,可能您几秒钟就能回答;)我设置了一个 apache web 服务器 (v2.2),这个 apache 服务器用作启用了“mod_jk”的平衡器。此服务器上托管了 2 个不同的应用程序,分别称为“低”和“高”。我使用的 tomcat 服务器是 V6.0x 服务器。
以下是 apache httpd.conf(摘要):
# Load mod_jk module
LoadModule jk_module modules/mod_jk-1.2.30-httpd-2.2.3.so
# Where to find workers.properties
JkWorkersFile conf/workers.properties
# loadbalancer contains the first application that may be clustered (runs on more tomcat instances/servers)
JkMount /high/* loadbalancer
# webworker contains the second application that runs in a single tomcat instance
JkMount /low/* webworker
如您所见,有两个已定义的映射。第一个“high”指向负载均衡器(2 个应用服务器“worker1”和“worker2”,请参阅下面的 worker.properties)。第二个解析为“low”,指向 webworker(此服务器上的另一个 tomcat 实例)。
以下是 worker.properties:
# Define worker list
worker.list=worker1,worker2,loadbalancer,webworker
# Set properties for worker1 (ajp13, http=8080, https=8443)
# Note: worker1 runs on the same machine as the serving apache webserver
worker.worker1.type=ajp13
worker.worker1.host=appserver1.example.com
worker.worker1.port=8009
worker.worker1.lbfactor=1
# Set properties for worker2 (ajp13, http=8080, https=8443)
# Note: worker2 runs on a different machine
worker.worker2.type=ajp13
worker.worker2.host=appserver2.example.com
worker.worker2.port=8010
worker.worker2.lbfactor=2
# Set properties for webworker (ajp13, http=9090, https=9443)
# Note: webworker runs on the same machine as the serving apache webserver
worker.webworker.type=ajp13
worker.webworker.host=appserver1.example.com
worker.webworker.port=8010
# Set properties for load balancer
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=worker1, worker2
因此,我的问题是:
我如何设置将映射“low”的所有请求重写为“https”?第二个应用程序“low”应完全安全运行。
即调用“http://www.myapplication.com/low“导致 Apache 服务器将其重写为”https://www.myapplication.com/low“。
使用“mod_rewrite”可以实现这一点吗?我必须将证书文件放在哪里?证书是否要在 tomcat-config(server.xml)或 apache-config(或者可能在两个配置文件中)中配置?
谢谢你的帮助:)
找到了解决方案:
Bruno 帮助了我,所以这是我的工作配置(将配置放在名为 httpd-vhosts.conf 的附加文件中):
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName appserver1.example.com:443
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
JkMount /low/* webworker
</VirtualHost>
</IfModule>
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName appserver1.example.com
JkMount /high/* loadbalancer
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/low(.*) https://appserver1.example.com/low$1 [R,L]
</IfModule>
</VirtualHost>
答案1
您是否尝试过类似的事情(假设您已经加载了 mod_rewrite)?
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/low(.*) https://%{SERVER_NAME}/low$1 [R,L]
如果你使用 Apache Httpd 作为前端,则需要配置 SSL(请参阅mod_ssl 模块的文档)。
通常情况下,它看起来像这样:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName host.name.example
SSLEngine on
SSLCertificateFile /etc/ssl/certs/host.pem
SSLCertificateKeyFile /etc/ssl/private/host.key
# ...
# (the config file with your distribution will probably have
# a sensible set of options for SSL as well.)
JkMount /high/* loadbalancer
JkMount /low/* webworker
</VirtualHost>
</IfModule>
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName host.name.example
# You can put the rewrite rules here for example.
JkMount /high/* loadbalancer
# Don't put this one if you don't want it over plain HTTP
# JkMount /low/* webworker
</VirtualHost>