先进入  /usr/local/apache2/conf  目录

修改 vim httpd.conf  把下面的去掉注释

LoadModule proxy_module modules/mod_proxy.so

LoadModule proxy_http_module modules/mod_proxy_http.so

LoadModule ssl_module modules/mod_ssl.so

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so

Include conf/extra/httpd-ssl.conf

然后进入/usr/local/apache2/conf/extra

编辑vim httpd-ssl.conf

把原来的 <VirtualHost 删除

加入如下配置

<VirtualHost *:443>
ServerName www.hp_nova2.com
ServerAlias www.hp_nova2.com
SSLEngine on
SSLProxyEngine On
SSLProxyVerify none
SSLCertificateFile "/usr/local/apache2/conf/server.crt"
# SSLCertificateFile "Path1"
SSLCertificateKeyFile "/usr/local/apache2/conf/server.key"
# SSLCertificateKeyFile "Path2"
# SSLCertificateChainFile "Path3"
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
ProxyRequests Off
<Location />
ProxyPass https://15.31.213.137:443/
ProxyPassReverse https://15.31.213.137:443/
</Location>
</VirtualHost>

然后在/usr/local/apache2/conf/拷贝进去server.crt和server.key

(具体server.crt和server.key生成方式请参考我前面的文章使用openssl生成的证书,需要保证apache配置的证书和nodejs还有springboot配置的证书一样)

然后重启apache 执行 bin/apachectl start

问题:启动apache后访问发现报错500

查看apache的日志error.log发现

[Tue Apr 30 13:38:55.077682 2019] [proxy_http:error] [pid 12090] [client 15.38.244.222:63285] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.244096 2019] [proxy:error] [pid 12089] (502)Unknown error 502: [client 15.38.244.222:63287] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:55.244214 2019] [proxy:error] [pid 12089] [client 15.38.244.222:63287] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:55.244225 2019] [proxy_http:error] [pid 12089] [client 15.38.244.222:63287] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:55.277609 2019] [proxy:error] [pid 12093] (502)Unknown error 502: [client 15.38.244.222:63288] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.277707 2019] [proxy:error] [pid 12093] [client 15.38.244.222:63288] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.277718 2019] [proxy_http:error] [pid 12093] [client 15.38.244.222:63288] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.441908 2019] [proxy:error] [pid 12092] (502)Unknown error 502: [client 15.38.244.222:63290] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:55.441979 2019] [proxy:error] [pid 12092] [client 15.38.244.222:63290] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:55.441990 2019] [proxy_http:error] [pid 12092] [client 15.38.244.222:63290] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:55.472712 2019] [proxy:error] [pid 12091] (502)Unknown error 502: [client 15.38.244.222:63289] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.472811 2019] [proxy:error] [pid 12091] [client 15.38.244.222:63289] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:55.472822 2019] [proxy_http:error] [pid 12091] [client 15.38.244.222:63289] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.009281 2019] [proxy:error] [pid 12090] (502)Unknown error 502: [client 15.38.244.222:63291] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:38:58.009379 2019] [proxy:error] [pid 12090] [client 15.38.244.222:63291] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:38:58.009390 2019] [proxy_http:error] [pid 12090] [client 15.38.244.222:63291] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:38:58.038419 2019] [proxy:error] [pid 12089] (502)Unknown error 502: [client 15.38.244.222:63292] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.038519 2019] [proxy:error] [pid 12089] [client 15.38.244.222:63292] AH00898: Error during SSL Handshake with remote server returned by /favicon.ico, referer: https://15.31.213.106/
[Tue Apr 30 13:38:58.038530 2019] [proxy_http:error] [pid 12089] [client 15.38.244.222:63292] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 (), referer: https://15.31.213.106/
[Tue Apr 30 13:39:14.614789 2019] [proxy:error] [pid 12092] (502)Unknown error 502: [client 15.38.244.222:63293] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137)
[Tue Apr 30 13:39:14.614914 2019] [proxy:error] [pid 12092] [client 15.38.244.222:63293] AH00898: Error during SSL Handshake with remote server returned by /
[Tue Apr 30 13:39:14.614958 2019] [proxy_http:error] [pid 12092] [client 15.38.244.222:63293] AH01097: pass request body failed to 15.31.213.137:443 (15.31.213.137) from 15.38.244.222 ()
[Tue Apr 30 13:39:14.646786 2019] [proxy:error] [pid 12093] (502)Unknown error 502: [client 15.38.244.222:63294] AH01084: pass request body failed to 15.31.213.137:443 (15.31.213.137), referer: https://15.31.213.106/

最后网上查了下在httpd-ssl.conf中的VirtualHost加入如下配置,重启apache解决

SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off

apache2 的https配置和代理https后端nodejs配置的更多相关文章

  1. [firefox+plug-n-hack]轻松地配置burpsuite代理https流量

    http://zone.wooyun.org/content/25982 需要用到firefox的插件plug-n-hack下载https://raw.githubusercontent.com/mo ...

  2. NGINX生产环境反向代理到后端tomcat配置

    #当访问www.kazihuo.com//sichuan-user-te时,跳转到http://10.1.93.61:7005/sichuan-user server { listen ; serve ...

  3. 一文教您如何通过 Docker 搭建反向代理 Ngnix,并配置 Https SSL 证书

    欢迎关注个人微信公众号: 小哈学Java, 每日推送 Java 领域干货文章,关注附送 100G 海量学习资源哟!! 个人网站: https://www.exception.site/docker/h ...

  4. *** + Polipo 配置全局代理(Linux 版本)

    转,原文:http://blog.csdn.net/jon_me/article/details/53525059 我本来是想查这个问题: How to start server and local ...

  5. CentOS 7 安装 Nginx 配置反向代理

    Linux使用Nginx Yum存储库上安装Nginx,适用于Red Hat Enterprise Linux和CentOS系统. 1.添加设置Nginx Yum存储库 在CentOS中首次安装Ngi ...

  6. Tomcat:利用Apache配置反向代理、负载均衡

    本篇主要介绍apache配置反向代理,介绍了两种情况:第一种是,只使用apache配置反向代理:第二种是,apache与应用服务器(tomcat)结合,配置反向代理,同时了配置了负载均衡. 准备工作 ...

  7. haproxy代理https配置方法【转】

    记得在之前的一篇文章中介绍了nginx反向代理https的方法,今天这里介绍下haproxy代理https的方法: haproxy代理https有两种方式:1)haproxy服务器本身提供ssl证书, ...

  8. windows:nginx配置http、https反向代理

    一.下载 Windows 版本的 nginx nnginx下载:http://nginx.org/en/download.html 推荐稳定版本.下载完成后,解压得到 nginx-1.14.0 ,我把 ...

  9. Nginx中配置http和https做反向代理

    参考:http://www.zslin.com/web/article/detail/73 1.安装 sudo apt-get install nginx 2.配置: http_demo.conf # ...

随机推荐

  1. Spring Cloud Bus实现自动更新配置

    一.概述 1. 配置环境 版本:Spring Boot版本2.0.3.RELEASE,Spring Cloud版本Finchley.SR1,RabbitMQ 3.7.7 说明:本文章是在https:/ ...

  2. Python运维开发基础09-函数基础

    上节作业回顾 #!/usr/bin/env python3 # -*- coding:utf-8 -*- # author:Mr.chen # 实现简单的shell命令sed的替换功能 import ...

  3. testng参数化(提供测试数据)

    testng提供测试数据的两个注释:@DataProvide和@Parameter   一.通过testng.xml中设置参数 (实际上testng.xml只是一个名字,可以起任何一个名字,只要是.x ...

  4. transform.rotation和GetComponent<Rigidbody>().MoveRotation

    同时在UPDATE和FIXED UPDATE中调整 旋转 并未出现闪,而是一直以UPDATE中的为准,可认为MoveRotation调用后在UPDATE中生效 using System.Collect ...

  5. android应用程序monkey压力测试(模拟器或真机)

    首先需要安装一个模拟器: 前置条件: 1.jdk环境配置 2.eclipse下载安装(直接解压即可) 3.网站上下载ADT: 由于国内禁止google的浏览,所以需要自己上网找资源,下面这个网站有比较 ...

  6. memcache can't run as root without the -u switch

    memcached是一款高速.分布式的内存缓存系统.其官方主页在http://www.danga.com/memcached/1.安装前的准备要安装memcached,需要有libevent的支持.c ...

  7. radio单选框

    1.写 <!DOCTYPE html> <html> <head> <title></title> <script language= ...

  8. nvidia显卡驱动

    http://blog.csdn.net/Monica__2012/article/details/75577522 $nvidia-smi

  9. Java 设计模式系列(六)适配器模式

    Java 设计模式系列(六)适配器模式 适配器模式把一个类的接口变换成客户端所期待的另一种接口,从而使原本因接口不匹配而无法在一起工作的两个类能够在一起工作. 适配器模式的结构: 类的适配器模式 对象 ...

  10. sqlserver2012 清除日志

    1. backup log wwgl_demo to disk='D:\DATA_BACKUP\2017-07-19.log' 2. 右键数据库-->任务-->收缩-->文件     ...