Apache, Tomcat: How to use multiple SSL certificates on a single server

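I am working on our Debian X64 server, which is the endpoint for 5 domain names. One of the domains is used by a web project running on the Apache web server. The remaining 4 domains run individual webapps on separate Apache Tomcat instances. Currently I am using mod_proxy to redirect requests to the appropriate webapps.

Unfortunately, this setup became useless as soon as HTTPS came into the picture. I was unable to install a single https certificate that contains all the domains. Such a certificate is provided by LetsEncrypt.

After installing the certificate, any request was redirected to a single Tomcat domain. At first I could not understand this behaviour, but after inspecting the certificate I found that the domain it redirects to is the first of the multiple domains in the certificate. I don't know why the URL is not being processed, but that is the current behaviour. I am considering using mod_jk instead of mod_proxy for this, but I don't know whether that is exactly what I need.

I would like to know how to create a setup where I can install a separate SSL certificate for each domain. Here is a basic overview of the current setup: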


Apache2 workers.properties:

    worker.list = worker_app1
    worker.worker_app1.type = lb
    worker.worker_app1.balance_workers = app1_instance1
    worker.worker_app1.sticky_session = true
    worker.worker_app1.sticky_session_force = false
    worker.worker_app1.method = busyness
    worker.app1_instance1.type = ajp13
    worker.app1_instance1.host = 127.0.0.1
    worker.app1_instance1.port = 8010
    worker.app1_instance1.host = localhost
    worker.app1_instance1.lbfactor = 1
    worker.app1_instance1.socket_timeout = 40
    worker.app1_instance1.socket_keepalive = true
    worker.app1_instance1.reply_timeout = 30000

Apache sites-enabled/000-default:

    <VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName www.domain4.de.com
        ServerAlias domain4.de.com
        DocumentRoot /var/www
        <Directory />
            Options FollowSymLinks
            AllowOverride None
        </Directory>
        <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>
        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
        </Directory>
        ErrorLog ${APACHE_LOG_DIR}/error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>

    Listen 443
    <VirtualHost *:443>
        ServerName www.domain1.de
        ServerAlias domain1.de
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/www.domain1.de/tool.crt
        SSLCertificateKeyFile /etc/letsencrypt/live/www.domain1.de/private.key
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        #ErrorDocument 503 /maintenance.html
        # ErrorDocument 404 /maintenance.html
        # ErrorDocument 500 /maintenance.html
        #ProxyPass /maintenance.html !
        #ProxyPass / http://localhost:8080/
        #ProxyPassReverse / http://localhost:8080/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:80>
        ServerName www.domain3.de
        ServerAlias domain3.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        #ErrorDocument 503 /maintenance.html
        # ErrorDocument 404 /maintenance.html
        # ErrorDocument 500 /maintenance.html
        #ProxyPass /maintenance.html !
        #ProxyPass / http://localhost:8080/
        #ProxyPassReverse / http://localhost:8080/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:80>
        ServerName www.domain3.de
        ServerAlias domain3.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ErrorDocument 503 /maintenance.html
        ErrorDocument 404 /maintenance.html
        ErrorDocument 500 /maintenance.html
        ProxyPass /maintenance.html !
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:80>
        ServerName www.domain2.de
        ServerAlias domain2.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ErrorDocument 503 /maintenance.html
        ErrorDocument 404 /maintenance.html
        ErrorDocument 500 /maintenance.html
        ProxyPass /maintenance.html !
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:80>
        ServerName www.domain5.de
        ServerAlias domain5.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ErrorDocument 503 /maintenance.html
        ErrorDocument 404 /maintenance.html
        ErrorDocument 500 /maintenance.html
        ProxyPass /maintenance.html !
        ProxyPass / http://localhost:8080/
        ProxyPassReverse / http://localhost:8080/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

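If any other information is needed, please let me know. Thank you for your time.

Edit

I redeployed all the webapps to use https by specifying it in the Spring Security configuration. I tried the configuration below. Note that for each VirtualHost I also tried ProxyPass with localhost:8080. Currently, only the web server application loads, nothing else.

I changed 000-default as follows: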

    <VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName www.domain4.de.com
        ServerAlias domain4.de.com
        DocumentRoot /var/www
        <Directory />
            Options FollowSymLinks
            AllowOverride None
        </Directory>
        <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
        </Directory>
        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
        </Directory>
        ErrorLog ${APACHE_LOG_DIR}/error.log
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    </VirtualHost>

    Listen 443
    <VirtualHost *:443>
        ServerName www.domain1.de
        ServerAlias domain1.de
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/www.domain1.de/tool.crt
        SSLCertificateKeyFile /etc/letsencrypt/live/www.domain1.de/private.key
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        #ErrorDocument 503 /maintenance.html
        # ErrorDocument 404 /maintenance.html
        # ErrorDocument 500 /maintenance.html
        #ProxyPass /maintenance.html !
        #ProxyPass / http://localhost:8443/
        #ProxyPassReverse / http://localhost:8443/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:443>
        ServerName www.domain3.de
        ServerAlias domain3.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        #ErrorDocument 503 /maintenance.html
        # ErrorDocument 404 /maintenance.html
        # ErrorDocument 500 /maintenance.html
        #ProxyPass /maintenance.html !
        #ProxyPass / http://localhost:8443/
        #ProxyPassReverse / http://localhost:8443/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:443>
        ServerName www.domain3.de
        ServerAlias domain3.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ErrorDocument 503 /maintenance.html
        ErrorDocument 404 /maintenance.html
        ErrorDocument 500 /maintenance.html
        ProxyPass /maintenance.html !
        ProxyPass / http://localhost:8443/
        ProxyPassReverse / http://localhost:8443/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:443>
        ServerName www.domain2.de
        ServerAlias domain2.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ErrorDocument 503 /maintenance.html
        ErrorDocument 404 /maintenance.html
        ErrorDocument 500 /maintenance.html
        ProxyPass /maintenance.html !
        ProxyPass / http://localhost:8443/
        ProxyPassReverse / http://localhost:8443/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>

    <VirtualHost *:443>
        ServerName www.domain5.de
        ServerAlias domain5.de
        ProxyRequests off
        ProxyPreserveHost On
        <Proxy *>
            Order deny,allow
            Allow from all
        </Proxy>
        ErrorDocument 503 /maintenance.html
        ErrorDocument 404 /maintenance.html
        ErrorDocument 500 /maintenance.html
        ProxyPass /maintenance.html !
        ProxyPass / http://localhost:8443/
        ProxyPassReverse / http://localhost:8443/
        <Location / >
            Order allow,deny
            Allow from all
        </Location>
    </VirtualHost>
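
A check that can be run over a configuration like the one in the question, added here as an example and not part of the original post: it lists every `<VirtualHost>` on port 443 that has no `SSLEngine on` or no `SSLCertificateFile`/`SSLCertificateKeyFile` of its own, and every `ServerName` declared more than once on the same port. Serving a separate certificate per domain relies on each name-based :443 virtual host carrying its own pair, which Apache selects by SNI. The names `lint_vhosts` and `directives` and the sample text are constructed for this example, and it assumes no SSL directives are set globally outside the virtual hosts.

```python
import re
from collections import Counter

# Constructed sample, shaped like the edited 000-default in the question.
SAMPLE = """
<VirtualHost *:443>
    ServerName www.domain1.de
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/www.domain1.de/tool.crt
    SSLCertificateKeyFile /etc/letsencrypt/live/www.domain1.de/private.key
</VirtualHost>
<VirtualHost *:443>
    ServerName www.domain3.de
    #ProxyPass / http://localhost:8443/
</VirtualHost>
<VirtualHost *:443>
    ServerName www.domain3.de
    ProxyPass / http://localhost:8443/
</VirtualHost>
"""
VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
TLS_KEYS = ("sslcertificatefile", "sslcertificatekeyfile")

def directives(body):
    """Map lower-cased directive name to its arguments, skipping comments."""
    found = {}
    for line in map(str.strip, body.splitlines()):
        if line and not line.startswith(("#", "<")):
            name, *rest = line.split(None, 1)
            found[name.lower()] = rest[0] if rest else ""
    return found

def lint_vhosts(conf):
    """List :443 vhosts lacking their own TLS settings, and duplicate names."""
    findings, seen = [], Counter()
    for addr, body in VHOST_RE.findall(conf):
        port = addr.strip().rsplit(":", 1)[-1]
        d = directives(body)
        name = d.get("servername", "<no ServerName>")
        seen[(name, port)] += 1
        if port == "443":
            if d.get("sslengine", "").lower() != "on":
                findings.append(f"{name}: SSLEngine is not on")
            findings += [f"{name}: missing {k}" for k in TLS_KEYS if k not in d]
    findings += [f"{n}: declared {c} times on port {p}"
                 for (n, p), c in seen.items() if c > 1]
    return findings

print("\n".join(lint_vhosts(SAMPLE)))
```
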