我们在 tomcat 上使用 apache mod-proxy 来实现负载平衡。它运行良好,现在我们计划从 httpd 转移到 https。为此,我的配置如下
NameVirtualHost 10.x.x.3:443
<VirtualHost 10.x.x.3:443>
ServerName 10.x.x.x.3
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order Deny,Allow
Allow from all
</Proxy>
ProxyPass /balancer-manager !
ProxyPass / balancer://mycluster/ stickysession=JSESSIONID nofailover=On
ProxyPassReverse / balancer://mycluster/ stickysession=JSESSIONID
Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/"
<Proxy balancer://mycluster>
Header set Cache-Control no-cache
Header set Pragma no-cache
BalancerMember http://192.168.2.182:8080 route=node1
BalancerMember http://192.168.2.183:8080 route=node2
ProxySet lbmethod=byrequests
ProxySet stickysession=ROUTEID
</Proxy>
<Location /balancer-manager>
SetHandler balancer-manager
Order deny,allow
Allow from all
</Location>
</VirtualHost>
Include conf/extra/httpd-ssl.conf
我已在 httpd-ssl.conf 中添加了证书和密钥位置。请在 httpd-ssl.conf 中找到以下内容
Listen 43
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
<VirtualHost _default_:443>
ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache2/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
https 运行正常,但无法重定向到 tomcat 服务器。我看到的是默认的 apache“有效”测试页面。
请指导我是否遗漏了 Apache 配置中的任何内容