Spring Boot Apache SSL 反向代理

Spring Boot Apache SSL 反向代理

我有一个在 Amazon Linux 服务器上运行的 Spring Boot 应用程序。我使用 Apache HTTP 服务器作为此应用程序的代理服务器。最近我安装了 Let's Encrypt SSL 证书并在 Apache 上为此添加了虚拟主机条目。但是,我无法让它与 Spring Boot 正常工作。不过似乎没有 SSL 版本可以正常工作。

我观察到,当用户调用 https 版本时,请求会到达 Spring Boot 应用程序,但用户会收到来自 Apache 的 HTTP 404 错误。例如,这可以正常工作:http://example.com/oauth/token但这不起作用并返回 404:https://example.com/oauth/token

我发布了下面的配置文件,我遗漏了什么?

虚拟主机配置文件

<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/example.com/public_html
    ErrorLog /var/www/example.com/logs/error.log
    CustomLog /var/www/example.com/logs/access.log combined

    RewriteEngine On
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -f [OR]
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -d
    RewriteRule ^ - [L]
    RewriteRule ^(/api/v1) - [L]
    RewriteRule ^(/oauth/token) - [L]

    RewriteRule ^ /index.html [L]

    SSLEngine on
    SSLCertificateFile /var/www/example.com/cert/cert.pem
    SSLCertificateKeyFile /var/www/example.com/cert/privkey.pem

    ProxyPreserveHost on
    RequestHeader set X-Forwarded-Proto https
    RequestHeader set X-Forwarded-Port 443
    ProxyPass /api/v1 http://127.0.0.1:8080/api/v1
    ProxyPassReverse /api/v1 http://127.0.0.1:8080/api/v1
    ProxyPass /oauth/token http://127.0.0.1:8080/oauth/token
    ProxyPassReverse /oauth/token http://127.0.0.1:8080/oauth/token
</VirtualHost>

<VirtualHost *:80>
    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/example.com/public_html
    ErrorLog /var/www/example.com/logs/error.log
    CustomLog /var/www/example.com/logs/access.log combined

    RewriteEngine On
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -f [OR]
    RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} -d
    RewriteRule ^ - [L]
    RewriteRule ^(/api/v1) - [L]
    RewriteRule ^(/oauth/token) - [L]

    RewriteRule ^ /index.html [L]

    ProxyPreserveHost on
    ProxyPass /api/v1 http://127.0.0.1:8080/api/v1
    ProxyPassReverse /api/v1 http://127.0.0.1:8080/api/v1
    ProxyPass /oauth/token http://127.0.0.1:8080/oauth/token
    ProxyPassReverse /oauth/token http://127.0.0.1:8080/oauth/token
</VirtualHost>

应用程序.属性

server.context-path=/api/v1
server.address=127.0.0.1
server.port=8080
server.use-forward-headers=true
server.tomcat.remote_ip_header=x-forwarded-for
server.tomcat.protocol_header=x-forwarded-proto

答案1

我认为它应该是“server.tomcat.protocol-header”,而不是“protocol_标题”

例如: server.tomcat.protocol-header-https-value=https server.tomcat.protocol-header=X-Forwarded-Proto server.tomcat.port-header=X-Forwarded-Port

答案2

server.tomcat.remote_ip_header=x-forwarded-for

server.tomcat.protocol_header=x-forwarded-proto

参考链接: https://docs.spring.io/spring-boot/docs/1.1.5.RELEASE/reference/html/howto-embedded-servlet-containers.html

相关内容