我有一个要加载的页面https://218.251.240.118:8080/登录...但我收到 SSL 连接错误。以下是配置文件详细信息:
apache httpd.conf 文件(由于文件很大,因此我只发布未注释的行)
ServerRoot "/usr/local/apache22-publisher"
Listen 80
User apache
Group apache
</IfModule>
</IfModule>
ServerAdmin [email protected]
ServerName pro-pcrawler101d:80
DocumentRoot "/usr/local/apache22-publisher/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
<Directory "/data/publisher_files">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
Alias /icons/ "/data/icons/"
<Directory "/data/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ "/data/cgi-bin/"
<Directory "/data/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
Alias /error/ "/data/error/"
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
<Directory "/data/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
DirectoryIndex index.html index.html.var
ServerSignature Off
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
Alias /publisher /data/publisher_files
Alias /rcr /data/publisher_files
Include conf/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
这是我的 httpd-ssl.conf 文件(由于文件很大,我只发布未注释的行):
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/usr/local/apache22- publisher/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/usr/local/apache22-publisher/logs/ssl_mutex"
<VirtualHost _default_:443>
DocumentRoot "/data/publisher_files"
ServerName pro-pcrawler101zd:443
ServerAdmin [email protected]
ErrorLog "/usr/local/apache22-publisher/logs/error_log"
TransferLog "/usr/local/apache22-publisher/logs/access_log"
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile "/usr/local/apache22-publisher/conf/server.crt"
SSLCertificateKeyFile "/usr/local/apache22-publisher/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/apache22-publisher/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/apache22-publisher/logs/ssl_request_log" \
"t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r" %b"
ProxyPass /rcr ajp://127.0.0.1:8009/rcr
ProxyPassReverse /rcr ajp://127.0.0.1:8009/rcr
</VirtualHost>
尝试重新启动 tomcat 和 httpd 服务,没有变化。tomcat 和 httpd 正在运行并监听各自的端口。如能得到任何帮助我将不胜感激。谢谢。
答案1
您遇到了什么 SSL 连接错误?
检查事项:
- 您尝试使用的浏览器中的 TLS/SSL 证书是否由您信任的 CA 签名?
- 证书是否以 IP 地址作为 cn 或 subjectAltName?
- 我没有看到 CA 包。您的证书包中是否有包含证书所需的所有中级/CA 证书?