我有一台安装了 zend server CE 的 ubuntu 12.04 服务器。我现在想启用 https,但根据文档中的第一步“a2enmod ssl”和“apache service restart”之后,根据 netstat -tap | grep http(s)!apache 既不监听 443,也不监听 80!
这是我在错误日志中看到的内容,但我无法理解:
[Fri May 25 19:52:39 2012] [notice] caught SIGTERM, shutting down
[Fri May 25 19:52:41 2012] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri May 25 19:52:41 2012] [notice] ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/) configured.
[Fri May 25 19:52:41 2012] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.6"
[Fri May 25 19:52:41 2012] [warn] ModSecurity: Loaded APR do not match with compiled!
[Fri May 25 19:52:41 2012] [notice] ModSecurity: PCRE compiled version="8.12"; loaded version="8.12 2011-01-15"
[Fri May 25 19:52:41 2012] [notice] ModSecurity: LUA compiled version="Lua 5.1"
[Fri May 25 19:52:41 2012] [notice] ModSecurity: LIBXML compiled version="2.7.8"
[Fri May 25 19:53:11 2012] [notice] ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/) configured.
[Fri May 25 19:53:11 2012] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.6"
[Fri May 25 19:53:11 2012] [warn] ModSecurity: Loaded APR do not match with compiled!
[Fri May 25 19:53:11 2012] [notice] ModSecurity: PCRE compiled version="8.12"; loaded version="8.12 2011-01-15"
[Fri May 25 19:53:11 2012] [notice] ModSecurity: LUA compiled version="Lua 5.1"
[Fri May 25 19:53:11 2012] [notice] ModSecurity: LIBXML compiled version="2.7.8"
[Fri May 25 19:53:12 2012] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.8-ZS5.5.0 configured -- resuming normal operations
这是我的httpd.conf:
# Name based virtual hosting
<virtualhost *:80>
ServerName www-redirect
KeepAlive Off
RewriteEngine On
RewriteCond %{HTTP_HOST} ^[^\./]+\.[^\./]+$
RewriteRule ^/(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]
</virtualhost>
Alias /shared/js "/home/web/library/js"
Alias /shared/image "/home/web/library/image"
<IfModule mod_expires.c>
<FilesMatch "\.(jpe?g|png|gif|js|css|doc|rtf|xls|pdf)$">
ExpiresActive On
ExpiresDefault "access plus 1 week"
</FilesMatch>
</IfModule>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
<Directory />
Options FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Location />
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ /index.php [NC,L]
</Location>
netstat -tap 给出:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:mysql *:* LISTEN 765/mysqld
tcp 0 0 *:pop3 *:* LISTEN 744/dovecot
tcp 0 0 *:imap2 *:* LISTEN 744/dovecot
tcp 0 0 *:http *:* LISTEN 19861/apache2
tcp 0 0 *:smtp *:* LISTEN 30365/master
tcp 0 0 *:4444 *:* LISTEN 634/sshd
tcp 0 0 *:kamanda *:* LISTEN 1167/lighttpd
tcp 0 0 *:imaps *:* LISTEN 744/dovecot
tcp 0 0 *:amandaidx *:* LISTEN 1167/lighttpd
tcp 0 0 localhost.loc:amidxtape *:* LISTEN 19861/apache2
tcp 0 0 *:pop3s *:* LISTEN 744/dovecot
tcp 0 384 mail.mysite.:4444 231.214.14.37.dyn:41909 ESTABLISHED 19039/sshd: web [pr
tcp 0 0 localhost.localdo:mysql localhost.localdo:48252 ESTABLISHED 765/mysqld
tcp 0 0 mail.mysite.:http 231.214.14.37.dyn:54686 TIME_WAIT -
tcp 0 0 mail.mysite.:4444 231.214.14.37.dyn:42419 ESTABLISHED 19372/sshd: web [pr
tcp 0 0 localhost.localdo:48252 localhost.localdo:mysql ESTABLISHED 19884/auth
tcp 0 0 mail.mysite.:http 231.214.14.37.dyn:54685 TIME_WAIT -
tcp6 0 0 [::]:pop3 [::]:* LISTEN 744/dovecot
tcp6 0 0 [::]:imap2 [::]:* LISTEN 744/dovecot
tcp6 0 0 [::]:smtp [::]:* LISTEN 30365/master
tcp6 0 0 [::]:4444 [::]:* LISTEN 634/sshd
tcp6 0 0 [::]:imaps [::]:* LISTEN 744/dovecot
tcp6 0 0 [::]:pop3s [::]:* LISTEN 744/dovecot
有人知道我做错了什么吗?也许我应该采取一些额外的步骤让 apache 监听 443,但它完全停止监听 80,我不明白。
答案1
我没有做错什么,但升级到 Ubuntu 服务器 12.04 后,Zend Server CE 中的 SSL 支持就中断了。与此同时,Zend 通过为 Ubuntu 12.04 提供单独的 Zend Server 5.6 存储库解决了该问题。将此行添加到 /etc/apt/sources.list
"deb http://repos.zend.com/zend-server/5.6.0_ubuntu1204/deb server non-free"
答案2
您可以像这样启用默认 ssl 站点;
ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl
这里有一些注释;
http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html
您能粘贴命令的输出吗netstat,类似于这样;
# netstat -ltp | grep http
tcp 0 0 *:https *:* LISTEN 2592/httpd
tcp 0 0 *:http *:* LISTEN 2592/httpd
您还可以将任何特定的启动错误记录到日志文件中,如下所示;
apachectl -E /var/log/httpd/startup-err.log -k start
如果这还不能告诉你问题所在,那么就把它调到最大,像这样;
apachectl -e debug -E /var/log/httpd/startup-err.log -k restart
还将apachectl -S显示 httpd 所看到的虚拟主机配置;
# apachectl -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
_default_:443 workstation001.config (/etc/httpd/conf.d/ssl.conf:75)
*:80 is a NameVirtualHost
default server www-redirect (/etc/httpd/conf.d/mystupidsite.com.conf:1)
port 80 namevhost www-redirect (/etc/httpd/conf.d/mystupidsite.com.conf:1)
Syntax OK
答案3
禁用 Curl 模块后服务器将正常启动。
手动禁用(因为服务器关闭时 Zend Web 界面将无法工作):
1)编辑/usr/local/zend/etc/ext.d/curl.ini
;2)在前面放一个冒号extension=curl.so,这样就可以了,直到修复发布
PS Zend 表示针对 Ubuntu 的修复程序很快就会发布。
答案4
查看 /var/log/syslog,你会发现一些类似的描述:
May 30 19:15:39 virtualdev kernel: [ 397.265473] apache2[2009]: segfault at 0 ip 00007fa17e522eb6 sp 00007fffb5468f98 error 4 in libc-2.15.so[7fa17e3e7000+1b3000]
这表明当启用 mod ssl 时,libc-2.15.so 似乎存在问题。不知道谁会修复这个问题。