未找到 SSL Apache 站点

未找到 SSL Apache 站点

我尝试在我们的 Web 服务器上安装 web2py,但我必须通过 SSL 访问管理面板,因为服务器本身没有图形界面。

我不太熟悉如何设置 Apache 服务器,所以我无法让它工作。我确实运行了安装脚本对于 web2py,应该设置 SSL 站点,但当我尝试连接时,我只得到“此网页不可用”。我可以使用普通 HTTP 连接到 web2py 首页。我也尝试过破解它,但我甚至在 apache2 日志中看不到任何错误或访问尝试。

我确实跑了

openssl s_client -state -nbio -connect localhost:443 2>&1 |grep "^SSL"

结果如下

SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:error in SSLv2/v3 read server hello A
SSL_connect:SSLv3 read server hello A
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:error in SSLv3 read finished A
SSL_connect:error in SSLv3 read finished A
SSL_connect:SSLv3 read finished A
SSL handshake has read 1435 bytes and written 319 bytes
SSL-Session:
SSL3 alert read:warning:close notify
SSL3 alert write:warning:close notify

有问题的网站是http://www2.olka.fi我的 default-ssl 现在如下所示:

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin webmaster@localhost
    WSGIProcessGroup web2py
    WSGIPassAuthorization On
    WSGIScriptAlias / /home/www-data/web2py/wsgihandler.py

    <Directory /home/www-data/web2py>
            AllowOverride None
            Order Allow,Deny
            <Files wsgihandler.py>
                    Allow from all
            </Files>
    </Directory>

    AliasMatch ^/([^/]+)/static/(.*) \
            /home/www-data/web2py/applications/$1/static/$2
    <Directory /home/www-data/web2py/applications/*/static>
            Options -Indexes
            ExpiresActive On
            ExpiresDefault "access plus 1 hour"
            Order Allow,Deny
            Allow from all
    </Directory>

    <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
    <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined

    #   SSL Engine Switch:
    #   Enable/Disable SSL for this virtual host.
    SSLEngine on

    #   A self-signed (snakeoil) certificate can be created by installing
    #   the ssl-cert package. See
    #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
    #   If both key and certificate are stored in the same file, only the
    #   SSLCertificateFile directive is needed.
    SSLCertificateFile    /etc/apache2/ssl/self_signed.cert
    SSLCertificateKeyFile /etc/apache2/ssl/self_signed.key

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>

    BrowserMatch "MSIE [2-6]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

</VirtualHost>
</IfModule>

答案1

好的,问题实际上是 Linux 防火墙。添加端口 443 规则解决了我的问题。所以这个问题可以关闭或删除。

相关内容