我正在Tomcat 7
其上运行Apache
并使用Openssl
安全 http。
我的根目录是 docs:
DocumentRoot "D:/Apache Group/Apache2/docs"
里面docs
有一个文件夹upload
,我通过 Tomcat 应用程序将所有文件上传到该文件夹。
升级到 Apache 2.4 后,我无法再上传大文件。但我可以上传 .txt、.xml 和 .csv 文件。
作为测试,我取了一个 .txt 文件并将其大小调整为 6.~ KB,但上传失败,而将其调整为 5.53KB 则成功。所以这一定是文件大小问题。
错误日志
[Thu Apr 02 11:23:02.520000 2015] [ssl:debug] [pid 3272:tid 2392] ssl_engine_kernel.c(236): [client 192.111.4.55:64326] AH02034: Subsequent (No.9) HTTPS request received for child 249 (server myserver.com:443), referer: https://myserver.com/da8/jsp/Upload.jsp?Id=85&clear=true
[Thu Apr 02 11:23:02.520000 2015] [authz_core:debug] [pid 3272:tid 2392] mod_authz_core.c(834): [client 192.111.4.55:64326] AH01628: authorization result: granted (no directives), referer: https://myserver.com/da8/jsp/Upload.jsp?Id=85&clear=true
[Thu Apr 02 11:23:18.538000 2015] [ssl:info] [pid 3272:tid 2392] (OS 10060)A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. : [client 192.111.4.55:64326] AH01991: SSL input filter read failed.
[Thu Apr 02 11:23:18.538000 2015] [ssl:debug] [pid 3272:tid 2392] ssl_engine_io.c(999): [client 192.111.4.55:64326] AH02001: Connection closed to child 249 with standard shutdown (server myserver.com:443)
httpd配置文件
ServerRoot "D:/Apache Group/Apache2"
PidFile logs/httpd.pid
ScoreBoardFile logs/apache_runtime_status
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
<IfModule mpm_winnt.c>
ThreadsPerChild 250
MaxRequestsPerChild 0
AcceptFilter http none
</IfModule>
ServerSignature off
ServerTokens Prod
SSLInsecureRenegotiation on
Listen 443
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule allowmethods_module modules/mod_allowmethods.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule include_module modules/mod_include.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule socache_dbm_module modules/mod_socache_dbm.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule ssl_module modules/mod_ssl.so
ServerAdmin [email protected]
#internal IP address
ServerName 172.18.5.111
DocumentRoot "D:/Apache Group/Apache2/docs"
<Directory />
Options FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs/to_be_deleted">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all denied
</Directory>
<Directory "D:/Apache Group/Apache2/docs/to_be_deleted/*">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Tomcat/webapps/da8">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Tomcat/webapps/da8/*">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs/upload funding">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all denied
</Directory>
<Directory "D:/Apache Group/Apache2/docs/upload funding/*">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Tomcat/webapps/da8">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs/*">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Tomcat/webapps/da8">
<Files "*.jsp">
Require all granted
</Files>
</Directory>
<Directory "D:/Apache Group/Apache2/docs/upload funding">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all denied
</Directory>
<Directory "D:/Apache Group/Apache2/docs/upload funding">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs/pubs">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all denied
</Directory>
<Directory "D:/Apache Group/Apache2/docs/pubs/*">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs/uploadShippingAddressFiles">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all denied
</Directory>
<Directory "D:/Apache Group/Apache2/docs/uploadShippingAddressFiles/*">
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Require all granted
</Directory>
<IfModule mod_userdir.c>
UserDir "D:/Apache Group/Apache2/users/"
</IfModule>
<IfModule mod_dir.c>
DirectoryIndex index.html
</IfModule>
AccessFileName .htaccess
<Files ~ "^\.ht">
Require all denied
Satisfy All
</Files>
UseCanonicalName Off
<IfModule mod_mime.c>
TypesConfig conf/mime.types
</IfModule>
#DefaultType text/plain
AddType text/css css
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
ErrorLog logs/error.log
LogLevel debug
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
ServerSignature On
<IfModule mod_alias.c>
#Labels Alias
Alias /labels/ "D:/Apache Group/Apache2/docs/Labels/"
<Directory "D:/Apache Group/Apache2/docs/Labels/">
Options FollowSymlinks MultiViews
AllowOverride None
Require all granted
</Directory>
#Upload Alias
Alias /upload/ "D:/Apache Group/Apache2/docs/upload/"
<Directory "D:/Apache Group/Apache2/docs/upload/">
Options FollowSymlinks MultiViews
AllowOverride All
Require all granted
</Directory>
<Directory "D:/Apache Group/Apache2/docs/upload/*">
Options Indexes FollowSymlinks MultiViews
AllowOverride All
Require all granted
</Directory>
Alias /icons/ "D:/Apache Group/Apache2/icons/"
<Directory "D:/Apache Group/Apache2/icons">
Options Indexes MultiViews
AllowOverride None
Require all granted
</Directory>
Alias /manual/ "D:/Apache Group/Apache2/htdocs/manual/"
<Directory "D:/Apache Group/Apache2/htdocs/manual">
Options Indexes FollowSymlinks MultiViews
AllowOverride None
Require all granted
</Directory>
ScriptAlias /cgi-bin/ "D:/Apache Group/Apache2/cgi-bin/"
<Directory "D:/Apache Group/Apache2/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
</IfModule>
<IfModule mod_autoindex.c>
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README
HeaderName HEADER
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
</IfModule>
<IfModule mod_mime.c>
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
AddLanguage da .dk
AddLanguage nl .nl
AddLanguage en .en
AddLanguage et .ee
AddLanguage fr .fr
AddLanguage de .de
AddLanguage el .el
AddLanguage he .he
AddCharset ISO-8859-8 .iso8859-8
AddLanguage it .it
AddLanguage ja .ja
AddCharset ISO-2022-JP .jis
AddLanguage kr .kr
AddCharset ISO-2022-KR .iso-kr
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddCharset ISO-8859-2 .iso-pl
AddLanguage pt .pt
AddLanguage pt-br .pt-br
AddLanguage ltz .lu
AddLanguage ca .ca
AddLanguage es .es
AddLanguage sv .sv
AddLanguage cz .cz
AddLanguage ru .ru
AddLanguage tw .tw
AddLanguage zh-tw .tw
AddCharset Big5 .Big5 .big5
AddCharset WINDOWS-1251 .cp-1251
AddCharset CP866 .cp866
AddCharset ISO-8859-5 .iso-ru
AddCharset KOI8-R .koi8-r
AddCharset UCS-2 .ucs2
AddCharset UCS-4 .ucs4
AddCharset UTF-8 .utf8
<IfModule mod_negotiation.c>
LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
</IfModule>
AddType application/x-tar .tgz
</IfModule>
<IfModule mod_setenvif.c>
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
TraceEnable off
Include "D:/Apache Group/Apache2/conf/httpd-jk.conf"
Mutex default ssl-cache
SSLRandomSeed startup builtin
SSLSessionCache dbm:logs/ssl_gcache_data
SSLSessionCacheTimeout 300
SSLCipherSuite HIGH:MEDIUM
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT56:!RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXP
<VirtualHost *:80>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^/(.*)$ https://%{SERVER_NAME}
</IfModule>
</VirtualHost>
<IfModule mod_headers.c>
Header set Cache-Control "public"
Header set X-Frame-Options SAMEORIGIN
</IfModule>
<VirtualHost _default_:443>
ServerName myserver.com
# HTTP Strict Transport Security (often abbreviated as HSTS) is a security
# feature that lets a web site tell browsers that it should only be communicated
# with using HTTPS, instead of using HTTP
Header set Strict-Transport-Security "max-age=31536000; includeSubDomains"
DocumentRoot "D:/Apache Group/Apache2/docs"
SSLEngine On
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
SSLCertificateFile conf/ssl/certificate.crt
SSLCertificateKeyFile conf/ssl/certificate.key
SSLCACertificateFile conf/ssl.crt/cabundle.crt
<Location /da8/pki>
SSLVerifyClient require
SSLVerifyDepth 10
#SSLCACertificateFile conf/ssl.crt/cabundle.crt
SSLOptions +StdEnvVars +ExportCertData
</Location>
JkExtractSSL On
JkHTTPSIndicator HTTPS
JkSESSIONIndicator SSL_SESSION_ID
JkCIPHERIndicator SSL_CIPHER
JkCERTSIndicator SSL_CLIENT_CERT
JkEnvVar SSL_CLIENT_CERT SSL_CLIENT_CERT
JkEnvVar SSL_CLIENT_CERT_CHAIN_0 SSL_CLIENT_CERT_CHAIN_0
JKOptions +ForwardSSLCertChain
JKMount /*.jsp dol
JKMount /*.jsf dol
JKMount /da8/faces/* dol
JKMount /servlet/* dol
JKMount /da8/servlet/* dol
JKMount /jasperserver/* report
SSLInsecureRenegotiation on
</VirtualHost>
有人知道这与什么有关吗?
答案1
我想到了。
它是 Apache-Tomcat 连接器:AJP 1.3
在我添加 packetSize 之后它就起作用了。
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" packetSize="65536" />