我正在尝试设置我的网页管理工具实例到地址https://webmin.example.com但我收到内部服务器错误 (500)。知道原因吗?
这是我的 Apache 配置:
<VirtualHost *:443>
ServerName webmin.example.com
ServerAlias webmin.example.com
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://127.0.0.1:10000/
ProxyPassReverse / https://127.0.0.1:10000/
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/server.pem
SSLCertificateKeyFile /etc/apache2/ssl/server.key
</VirtualHost>
以下是日志文件的内容:
[ssl:error] [pid 21593] [remote 127.0.0.1:10000] AH01961: SSL Proxy requested for webmin.example.com:443 but not enabled [Hint: SSLProxyEngine]
[proxy:error] [pid 21593] AH00961: HTTPS: failed to enable ssl support for 127.0.0.1:10000 (127.0.0.1)
答案1
由于您正在代理 https 请求,因此您需要启用 SSL 代理
<VirtualHost *:443>
ServerName webmin.example.com
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/server.pem
SSLCertificateKeyFile /etc/apache2/ssl/server.key
SSLProxyEngine On
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://127.0.0.1:10000/
ProxyPassReverse / https://127.0.0.1:10000/
</VirtualHost>
您还需要启用一些模块:
- mod_ssl
- mod_proxy
- mod_proxy_http
如果你的 ServerAlias 与你的服务器名相同,它将变得毫无用处,因此你可以将其删除
您可以删除此部分,默认情况下您将被授予访问权限:
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
如果您使用自签名证书,则需要删除 SSL 验证:
SSLProxyEngine On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
代替
SSLProxyEngine On
SSLProxyCheckPeerCN on
SSLProxyCheckPeerExpire on
更多信息请点击此处https://httpd.apache.org/docs/trunk/mod/mod_ssl.html