我正在使用我们的 Debian X64 服务器,它是 5 个域名的端点。其中一个域名由在 Apache Web 服务器上运行的 Web 项目使用。其余 4 个域有单独的 Web 应用程序在单个 Apache Tomcat 实例上运行。目前我使用它mod_proxy来将请求重定向到适当的 Web 应用程序。
不幸的是,一旦出现 HTTPS,这种设置就变得毫无用处。我无法安装包含所有域的单个 https 证书。此类证书由LetsEncrypt。
安装证书后,任何请求都只会重定向到单个 Tomcat 域。起初我无法理解这种行为,但在检查证书后,我发现它重定向到的域是证书中多个域中的第一个。我不知道为什么 URL 未被处理,但这是当前的行为。我曾考虑使用mod_jk而不是mod_proxy来完成这项任务,但不知道这是否正是我所需要的。
我想知道如何创建一个设置,以便为每个域安装单独的 SSL 证书。以下是当前设置的基本概述:
Apache2 工作者.属性:
worker.list = worker_app1
worker.worker_app1.type = lb
worker.worker_app1.balance_workers = app1_instance1
worker.worker_app1.sticky_session = true
worker.worker_app1.sticky_session_force = false
worker.worker_app1.method = busyness
worker.app1_instance1.type = ajp13
worker.app1_instance1.host = 127.0.0.1
worker.app1_instance1.port = 8010
worker.app1_instance1.host = localhost
worker.app1_instance1.lbfactor = 1
worker.app1_instance1.socket_timeout = 40
worker.app1_instance1.socket_keepalive = true
worker.app1_instance1.reply_timeout = 30000
Apache 站点已启用/000-默认:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.domain4.de.com
ServerAlias domain4.de.com
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName www.domain1.de
ServerAlias domain1.de
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.domain1.de/tool.crt
SSLCertificateKeyFile /etc/letsencrypt/live/www.domain1.de/private.key
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
#ErrorDocument 503 /maintenance.html
# ErrorDocument 404 /maintenance.html
# ErrorDocument 500 /maintenance.html
#ProxyPass /maintenance.html !
#ProxyPass / http://localhost:8080/
#ProxyPassReverse / http://localhost:8080/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain3.de
ServerAlias domain3.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
#ErrorDocument 503 /maintenance.html
# ErrorDocument 404 /maintenance.html
# ErrorDocument 500 /maintenance.html
#ProxyPass /maintenance.html !
#ProxyPass / http://localhost:8080/
#ProxyPassReverse / http://localhost:8080/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain3.de
ServerAlias domain3.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain2.de
ServerAlias domain2.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:80>
ServerName www.domain5.de
ServerAlias domain5.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
如果需要任何其他信息,请告知我。感谢您的时间。
编辑
我通过在 Spring-security 配置中指定,重新部署了所有 webapps 以使用 https。我尝试了下面的配置。请注意,对于每个 VirtualHost ,我还尝试了 ProxyPass 和 localhost:8080 。目前,只有 webserver 应用程序加载,没有其他任何东西。
我将 000-default 更改如下:
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.domain4.de.com
ServerAlias domain4.de.com
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName www.domain1.de
ServerAlias domain1.de
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.domain1.de/tool.crt
SSLCertificateKeyFile /etc/letsencrypt/live/www.domain1.de/private.key
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
#ErrorDocument 503 /maintenance.html
# ErrorDocument 404 /maintenance.html
# ErrorDocument 500 /maintenance.html
#ProxyPass /maintenance.html !
#ProxyPass / http://localhost:8443/
#ProxyPassReverse / http://localhost:8443/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain3.de
ServerAlias domain3.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
#ErrorDocument 503 /maintenance.html
# ErrorDocument 404 /maintenance.html
# ErrorDocument 500 /maintenance.html
#ProxyPass /maintenance.html !
#ProxyPass / http://localhost:8443/
#ProxyPassReverse / http://localhost:8443/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain3.de
ServerAlias domain3.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8443/
ProxyPassReverse / http://localhost:8443/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain2.de
ServerAlias domain2.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8443/
ProxyPassReverse / http://localhost:8443/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>
<VirtualHost *:443>
ServerName www.domain5.de
ServerAlias domain5.de
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ErrorDocument 503 /maintenance.html
ErrorDocument 404 /maintenance.html
ErrorDocument 500 /maintenance.html
ProxyPass /maintenance.html !
ProxyPass / http://localhost:8443/
ProxyPassReverse / http://localhost:8443/
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>