我有一个 SSL 站点,正尝试通过 apache 来传送,但当您在 Web 浏览器中加载它时会发生超时。
我在浏览器中看到此消息:
The connection has timed out
The server at solr1.mydomain.com is taking too long to respond.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer's network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
我检查了日志,发现日志中存在 SSL 错误,内容如下:
[Sun Nov 02 17:43:13.859447 2014] [ssl:warn] [pid 23687] AH01909: RSA certificate configured for solr1.mydomain.com:443 does NOT include an ID which matches the server name
这很奇怪。因为在为网站创建证书时,我确保在服务器上指定 hostname -f 的输出作为通用名称。
这是一个亚马逊 EC2 实例。我不确定这是否与这个问题有关。
这是我的 Apache 配置:
LoadModule jk_module modules/mod_jk.so
JkWorkersFile /etc/httpd/conf/workers.properties
JkShmFile /var/log/httpd/mod_jk.shm
JkLogFile /var/log/httpd/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
虚拟主机配置:
<VirtualHost *:80>
ServerName solr1.mydomain.com
ErrorLog logs/solr1_error_80_log
LogFormat "{ \
\"host\":\"solr1.mydomain.com\", \
\"path\":\"/var/log/httpd/solr1_access_log\", \
\"tags\":[\"mydomain Trac 80\",\"solr1.mydomain.com\"], \
\"message\": \"%h %l %u %t \\\"%r\\\" %>s %b\", \
\"timestamp\": \"%{%Y-%m-%dT%H:%M:%S%z}t\", \
\"clientip\": \"%a\", \
\"duration\": %D, \
\"status\": %>s, \
\"request\": \"%U%q\", \
\"urlpath\": \"%U\", \
\"urlquery\": \"%q\", \
\"method\": \"%m\", \
\"bytes\": %B, \
\"vhost\": \"%v\" \
}" solr1_access_json
CustomLog logs/solr1_80_access_log solr1_80_access_json
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https ://%{HTTP_HOST}%{REQUEST_URI}
RewriteRule ^/$ /solr [L,R=301]
</VirtualHost>
<VirtualHost *:443>
RewriteEngine On
RewriteRule ^/$ /solr [L,R=301]
ServerName solr1.mydomain.com
ErrorLog logs/solr1_error_443_log
LogFormat "{ \
\"host\":\"solr1.mydomain.com\", \
\"path\":\"/var/log/httpd/solr1_443_access_log\", \
\"tags\":[\"mydomain Trac 443\",\"solr1.mydomain.com\"], \
\"message\": \"%h %l %u %t \\\"%r\\\" %>s %b\", \
\"timestamp\": \"%{%Y-%m-%dT%H:%M:%S%z}t\", \
\"clientip\": \"%a\", \
\"duration\": %D, \
\"status\": %>s, \
\"request\": \"%U%q\", \
\"urlpath\": \"%U\", \
\"urlquery\": \"%q\", \
\"method\": \"%m\", \
\"bytes\": %B, \
\"vhost\": \"%v\" \
}" solr1_443_access_json
CustomLog logs/solr1_443_access_log solr1_443_access_json
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/solr1.crt
SSLCertificateKeyFile /etc/pki/tls/private/solr1.key
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# Send everything for context /examples to worker named worker1 (ajp13)
<Directory /usr/share/tomcat/webapps/solr>
Options +Indexes +FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
Alias /solr /usr/share/tomcat/webapps/solr
JkMount /test/* worker1
JkMount /solr/* worker1
<Location "/solr/">
AuthType Basic
AuthName "JF Admin Page"
AuthUserFile /etc/httpd/auth
Require valid-user
</Location>
</VirtualHost>
我希望能得到一些建议来帮助我解决这个问题!
答案1
如果花费的时间太长,请确保 443 未被 ISP 阻止。确保将其转发到正确的 IP(Web 服务器)并且 Web 服务器处于监听模式。在线端口扫描器有点令人困惑,因为有些可能 443 是开放的,有些可能将其报告为关闭端口。有时它也与路由器固件有关,您可以尝试使用另一个路由器,如果仍然有问题,请致电您的 ISP 并询问他们该端口是否开放。