zoukankan      html  css  js  c++  java
  • Apache2 实现https访问http服务

    一、背景需求

    1、开发同事 nodejs 开发项目,node  index.js 开启9003服务端口的监听服务,现在需要外部通过https 访问该服务

    2、搭建apache2服务

    1)80端口http访问,配置/etc/apache2/sites-enabled/000-default.conf

    <VirtualHost *:80>  
        ProxyPreserveHost On  
        ServerAdmin admin@qq.com  
        ServerName  deploy-cn.domains.com  
        DocumentRoot /home/www/watchfaces 
        DirectoryIndex homepage.htm index.html login.htm  
        ProxyPass / http://127.0.0.1:9003/  
        ProxyPassReverse / http://127.0.0.1:9003/  
    </VirtualHost>  
    <Directory "/home/www/watchfaces">    
        Options Indexes FollowSymLinks  
        AllowOverride None     
        Order allow,deny  
        Allow from all  
    </Directory> 

    2) 443端口https 访问,需要配置1)80端口http访问,配置/etc/apache2/sites-enabled/001-ssl.conf

    <virtualhost *:443>
    ServerName deploy-cn.huami.com
    <proxy>
    Order deny,allow
    Allow from all
    </proxy>
    SSLEngine On
    SSLProxyEngine On
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    SSLCertificateFile "/etc/apache2/ssl/domain.com.crt"
    SSLCertificateKeyFile "/etc/apache2/ssl/domain.key"
    SSLCertificateChainFile "/etc/apache2/ssl/domain.com_bundle-g2-g1.crt"
    ProxyRequests Off ProxyPreserveHost On ProxyPass / http://127.0.0.1:9003/ ProxyPassReverse / http://127.0.0.1:9003/ </virtualhost>

     遇到问题备注:

     如果不配置证书链,小程序里面连接服务下载文件会报错:downloadFile:fail Error: unable to verify the first certificate"

    其它:

    1、SSL服务器证书安装检查器
       https://www.myssl.cn/tools/check-server-cert.html
  • 相关阅读:
    WindowsServer2003SP2EnterpriseEdition激活码
    2016/12/14渗透学习总结
    技术之路注定孤独
    几道office题的总结
    一路走来,只是清风
    【IIS】IIS中同时满足集成模式和经典模式
    IntelliJ IDEA如何build path
    kafka的集群安装
    尚硅谷 kafka
    队列
  • 原文地址:https://www.cnblogs.com/husbandmen/p/8379325.html
Copyright © 2011-2022 走看看