我现在正在为嵌入式服务器配置 Apache v2.4、php5.3.20
服务器版本:Apache/2.4.4 (Unix)
服务器构建时间:2013 年 7 月 19 日 11:41:42
并且它确实运行良好,但是当我为 SSL mod 配置它时,它无法再处理 http 请求。
我的服务器现在可以通过 https 处理页面,但是当我请求页面时htt p://10.38.13.238/test.php
(故意错误)它返回 TCP 包(我使用 wireshark 进行捕获),没有任何 HTTP 包,如“HTTP/1.1 200 OK”,并且 Web 浏览器总是显示“从 10.38.13.238 传输”,而我收到的是空白页。以下是更多信息:
文件 etc/apache2/httpd.conf:
<VirtualHost *:80>
DocumentRoot "/usr/local/www/apache2/htdocs"
ServerName mustang:80
ServerAdmin [email protected]
# Host-specific directory setup, options, etc
# Most of these options are likely to be set outside the VirtualHosts
# sections.
</VirtualHost>
...
# Secure (SSL/TLS) connections
Include /etc/apache2/extra/httpd-ssl.conf
#
文件 /etc/apache2/extra/httpd-ssl.conf:
<VirtualHost *:443>
# General setup for the virtual host
DocumentRoot "/usr/local/www/apache2/htdocs/sslsite"
ServerName localhost:443
ServerAdmin [email protected]
ErrorLog "/usr/var/log/apache2/error_log"
TransferLog "/usr/var/log/apache2/access_log"
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile "/etc/apache2/server.crt"
SSLCertificateKeyFile "/etc/apache2/server.key"
SSLVerifyClient none
...
SSLOptions +StrictRequire +FakeBasicAuth +ExportCertData +StdEnvVars
<Directory />
SSLRequireSSL
</Directory>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/www/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
错误日志文件:
[Wed Aug 28 09:22:58.702230 2013] [mpm_worker:notice] [pid 1969:tid 548459311104] AH00298: SIGHUP received. Attempting to restart
[Wed Aug 28 09:22:58.812758 2013] [ssl:warn] [pid 1969:tid 548459311104] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Aug 28 09:22:58.814245 2013] [mpm_worker:notice] [pid 1969:tid 548459311104] AH00292: Apache/2.4.4 (Unix) OpenSSL/1.0.0j configured -- resuming normal operations
[Wed Aug 28 09:22:58.814285 2013] [core:notice] [pid 1969:tid 548459311104] AH00094: Command line: '/usr/sbin/httpd'
[Wed Aug 28 11:03:18.182732 2013] [mpm_worker:notice] [pid 1969:tid 548459311104] AH00295: caught SIGTERM, shutting down
[Wed Aug 28 11:03:33.782494 2013] [ssl:warn] [pid 2340:tid 547901157376] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Aug 28 11:03:33.990105 2013] [ssl:warn] [pid 2341:tid 547901157376] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Aug 28 11:03:33.991777 2013] [mpm_worker:notice] [pid 2341:tid 547901157376] AH00292: Apache/2.4.4 (Unix) OpenSSL/1.0.0j configured -- resuming normal operations
[Wed Aug 28 11:03:33.991847 2013] [core:notice] [pid 2341:tid 547901157376] AH00094: Command line: '/usr/sbin/httpd'
访问日志文件:
10.38.5.238 - - [28/Aug/2013:11:32:50 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:35:29 +0000] "GET /testxcache.php HTTP/1.1" 200 42
10.38.5.238 - - [28/Aug/2013:11:35:30 +0000] "GET /test.php HTTP/1.1" 200 47272
10.38.5.238 - - [28/Aug/2013:11:35:31 +0000] "GET /test.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
10.38.5.238 - - [28/Aug/2013:11:35:31 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:35:33 +0000] "GET /test.php HTTP/1.1" 200 47272
10.38.5.238 - - [28/Aug/2013:11:35:33 +0000] "GET /test.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
10.38.5.238 - - [28/Aug/2013:11:35:33 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:35:34 +0000] "GET /testxcache.php HTTP/1.1" 200 42
10.38.5.238 - - [28/Aug/2013:11:35:47 +0000] "GET /index.html HTTP/1.1" 200 45 10.38.5.238 - - [28/Aug/2013:11:36:07 +0000] "GET /test.php HTTP/1.1" 200 47272
10.38.5.238 - - [28/Aug/2013:11:36:07 +0000] "GET /test.php?=PHPE9568F35-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2146
10.38.5.238 - - [28/Aug/2013:11:36:07 +0000] "GET /test.php?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 2524
任何建议都将不胜感激。谢谢。
附言:我按照这些网站为我的 Apache 服务器配置 SSL
http://www.onlamp.com/2008/03/04/step-by-step-configuring-ssl-under-apache.html
http://forums.gentoo.org/viewtopic-p-6037402.html
答案1
HTTPS 只允许一个请求并立即关闭会话,因此它与 KeepAlives 有点不兼容
答案2
我找到了问题的答案。我不太明白,但如果我改变
KeepAlive On
到
KeepAlive Off
然后一切正常。我的服务器现在可以处理 HTTP 和 HTTPS。无论如何,谢谢。如果有人理解 KeepAlive 在这种情况下的含义,请告诉我。