我一直在尝试弄清楚如何在 Apache HTTPD 中代理我的 REST API 端点。
- Apache HTTPD 2.4.6(Centos)
- 前端 - React 应用程序 (create-react-app)
- 通过端口 9000 的 Node JS API 端点。我正在使用一个名为 fast-gateway 的 nodejs 网关。
- 使用自签名证书提供的 Rest Endpoint。仅适用于开发环境,一旦投入生产就会发生变化。
我已在 /etc/httpd/conf.d 中配置了 SSL.conf,如下所示:
##
## SSL Virtual Host Context
##
<VirtualHost *:443>
DocumentRoot "/var/www/webserver/html/build"
SSLEngine On
SSLCACertificateFile /etc/ssl/certs/ca.cer
SSLCertificateFile /etc/ssl/certs/WEBSERVER.crt
SSLCertificateKeyFile /etc/ssl/private/WEBSERVER.key
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
#PROXY
SSLProxyEngine On
ProxyRequests off
ProxyPreserveHost On
ProxyTimeout 1200
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
#RewriteEngine on
ProxyPass /business https://appserver:9000
ProxyPassReverse /business https://appserver:9000/
Options -Indexes
Options -ExecCGI -FollowSymLinks -Includes
</VirtualHost>
# intermediate config
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLUseStapling On
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
当我在前端执行请求时,我在调用端点时收到 404 错误
Request URL: https://webserver/business/api/login
Request Method: POST
Status Code: 404 Not Found
Remote Address: 192.168.56.129:443
Referrer Policy: strict-origin-when-cross-origin
我的站点可用配置
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName webserver
ServerAlias webserver
DocumentRoot /var/www/webserver/html/build
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
我应该重写 URL 吗?端点地址应该是 https://appserver/business/api/login,这可能是 404 的原因吗?还是我配置错了什么?
答案1
要将 https://webserver/business/api 代理到 https://appserver:9000/business/api,您需要
ProxyPass /business/ https://appserver:9000/business/
ProxyPassReverse /business/ https://appserver:9000/business/
答案2
您可能想尝试以下操作:
RewriteCond %{REQUEST_URI} /business/ [NC]
RewriteRule /business/(.*) https://appserver:9000/business/$1?%{QUERY_STRING} [P,L] [R=307]
我读到,重定向标志必须是 307,请求的模式才能按原样传递。如果它对您有用,请告诉我。