先进入  /usr/local/apache2/conf  目录

修改 vim httpd.conf  把下面的去掉注释

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_http_module modules/mod_proxy_http.so

LoadModule ssl_module modules/mod_ssl.so

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Include conf/extra/httpd-ssl.conf

然后进入/usr/local/apache2/conf/extra

编辑vim httpd-ssl.conf

把原来的 <VirtualHost 删除

加入如下配置

<VirtualHost *:443>
ServerName www.hp_nova2.com
ServerAlias www.hp_nova2.com
SSLEngine on
SSLProxyEngine On
SSLProxyVerify none
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
# SSLCertificateFile "Path1"
SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
# SSLCertificateKeyFile "Path2"
# SSLCertificateChainFile "Path3"
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyRequests Off
<Location />
ProxyPass https://15.31.213.137:443/
ProxyPassReverse https://15.31.213.137:443/
</Location>
</VirtualHost>

然后在/usr/local/apache2/conf/拷贝进去server.crt和server.key

(具体server.crt和server.key生成方式请参考我前面的文章使用openssl生成的证书,需要保证apache配置的证书和nodejs还有springboot配置的证书一样)

然后重启apache 执行 bin/apachectl start

问题:启动apache后访问发现报错500

查看apache的日志error.log发现

[Tue Apr 30 13:38:55.077682 2019] [proxy_http:error] [pid 12090] [client 15.38.244.222:63285] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.244096 2019] [proxy:error] [pid 12089] (502)Unknown error 502: [client 15.38.244.222:63287] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:55.244214 2019] [proxy:error] [pid 12089] [client 15.38.244.222:63287] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:55.244225 2019] [proxy_http:error] [pid 12089] [client 15.38.244.222:63287] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:55.277609 2019] [proxy:error] [pid 12093] (502)Unknown error 502: [client 15.38.244.222:63288] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.277707 2019] [proxy:error] [pid 12093] [client 15.38.244.222:63288] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.277718 2019] [proxy_http:error] [pid 12093] [client 15.38.244.222:63288] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.441908 2019] [proxy:error] [pid 12092] (502)Unknown error 502: [client 15.38.244.222:63290] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:55.441979 2019] [proxy:error] [pid 12092] [client 15.38.244.222:63290] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:55.441990 2019] [proxy_http:error] [pid 12092] [client 15.38.244.222:63290] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:55.472712 2019] [proxy:error] [pid 12091] (502)Unknown error 502: [client 15.38.244.222:63289] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.472811 2019] [proxy:error] [pid 12091] [client 15.38.244.222:63289] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.472822 2019] [proxy_http:error] [pid 12091] [client 15.38.244.222:63289] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.009281 2019] [proxy:error] [pid 12090] (502)Unknown error 502: [client 15.38.244.222:63291] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:58.009379 2019] [proxy:error] [pid 12090] [client 15.38.244.222:63291] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:58.009390 2019] [proxy_http:error] [pid 12090] [client 15.38.244.222:63291] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:58.038419 2019] [proxy:error] [pid 12089] (502)Unknown error 502: [client 15.38.244.222:63292] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.038519 2019] [proxy:error] [pid 12089] [client 15.38.244.222:63292] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.038530 2019] [proxy_http:error] [pid 12089] [client 15.38.244.222:63292] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:39:14.614789 2019] [proxy:error] [pid 12092] (502)Unknown error 502: [client 15.38.244.222:63293] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:39:14.614914 2019] [proxy:error] [pid 12092] [client 15.38.244.222:63293] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:39:14.614958 2019] [proxy_http:error] [pid 12092] [client 15.38.244.222:63293] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:39:14.646786 2019] [proxy:error] [pid 12093] (502)Unknown error 502: [client 15.38.244.222:63294] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/

最后网上查了下在httpd-ssl.conf中的VirtualHost加入如下配置,重启apache解决

SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

apache2 的https配置和代理https后端nodejs配置的更多相关文章

  1. [firefox+plug-n-hack]轻松地配置burpsuite代理https流量

    http://zone.wooyun.org/content/25982 需要用到firefox的插件plug-n-hack下载https://raw.githubusercontent.com/mo ...

  2. NGINX生产环境反向代理到后端tomcat配置

    #当访问www.kazihuo.com//sichuan-user-te时,跳转到http://10.1.93.61:7005/sichuan-user server { listen ; serve ...

  3. 一文教您如何通过 Docker 搭建反向代理 Ngnix,并配置 Https SSL 证书

    欢迎关注个人微信公众号: 小哈学Java, 每日推送 Java 领域干货文章,关注附送 100G 海量学习资源哟!! 个人网站: https://www.exception.site/docker/h ...

  4. *** + Polipo 配置全局代理(Linux 版本)

    转,原文:http://blog.csdn.net/jon_me/article/details/53525059 我本来是想查这个问题: How to start server and local ...

  5. CentOS 7 安装 Nginx 配置反向代理

    Linux使用Nginx Yum存储库上安装Nginx,适用于Red Hat Enterprise Linux和CentOS系统. 1.添加设置Nginx Yum存储库 在CentOS中首次安装Ngi ...

  6. Tomcat:利用Apache配置反向代理、负载均衡

    本篇主要介绍apache配置反向代理,介绍了两种情况:第一种是,只使用apache配置反向代理:第二种是,apache与应用服务器(tomcat)结合,配置反向代理,同时了配置了负载均衡. 准备工作 ...

  7. haproxy代理https配置方法【转】

    记得在之前的一篇文章中介绍了nginx反向代理https的方法,今天这里介绍下haproxy代理https的方法: haproxy代理https有两种方式:1)haproxy服务器本身提供ssl证书, ...

  8. windows:nginx配置http、https反向代理

    一.下载 Windows 版本的 nginx nnginx下载:http://nginx.org/en/download.html 推荐稳定版本.下载完成后,解压得到 nginx-1.14.0 ,我把 ...

  9. Nginx中配置http和https做反向代理

    参考:http://www.zslin.com/web/article/detail/73 1.安装 sudo apt-get install nginx 2.配置: http_demo.conf # ...

随机推荐

  1. Go and Beego Development

    1. Beego wiki in en and cn https://beego.me/ For API development: https://beego.me/blog/beego_api 2. ...

  2. 解决Springboot集成ActivitiModel提示输入用户名密码的问题

    一.原因分析 先要知道两点 - SpringBoot会根据引入的Jar包而自动配置相应的功能. - ActivitiModeler中引用了Spring Security的Jar.(是一个安全或者说权限 ...

  3. Code First 之类继承

    关于Entity Framework 的code first 模式,相信大家都不陌生了.本文就来看看实体继承在 codefirst里的用法. 第一步  添加 code first 的环境 这里为了方便 ...

  4. springMVC框架介绍以及运行流程(图解)

    1 Springmvc是什么? spring web mvc和struts2都属于表现层的框架,spring web mvc是spring框架的一部分(所以spring mvc与spring之间不需要 ...

  5. BI实施的四个层次

    满足业务需求 注重数据分析汇总 统一.高效的系统集成越来越麻烦.管理人员穿梭在具有不同风格.使用逻辑的系统间,越来越厌倦,众多系统之间的业务逻辑.数据含义不一致,使用户无法判 断数据的准确性.任何一个 ...

  6. 利用BeanUtils.copyProperties 克隆出新对象,避免对象重复问题

    1.经常用jQuery获取标签里面值val(),或者html(),text()等等,有次想把获取标签的全部html元素包括自己也用来操作,查询了半天发现$("#lefttr1"). ...

  7. (二分搜索 )Strange fuction -- HDU -- 2899

    链接: http://acm.hdu.edu.cn/showproblem.php?pid=2899 Time Limit: 2000/1000 MS (Java/Others)    Memory ...

  8. vc++ 不同对话框中传递信息的方法(基于自定义消息SendMessage) (转载)

    转载自:http://blog.csdn.net/myj0513/article/details/6827360 背景: 新建了一个基于对话框的MFC程序,在主对话框中添加tabcontrol控件,又 ...

  9. SpringBoot整合mybatis、shiro、redis实现基于数据库的细粒度动态权限管理系统实例

    1.前言 本文主要介绍使用SpringBoot与shiro实现基于数据库的细粒度动态权限管理系统实例. 使用技术:SpringBoot.mybatis.shiro.thymeleaf.pagehelp ...

  10. 1、Docker介绍

      Docker是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的Linux机器上,也可以实现虚拟化.容器完全使用沙箱机制,相互之间不会有任何接口 ...