
Apache 2.4 SSL Config - Server rejects requests with HTTP 400

I'm running into some trouble with my Apache 2.4 config. Accessing https://subdomain.my-domain.com always returns this HTTP 400.

Bad Request

Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.

I'm accessing my site via https directly so there is no redirect from http to https involved. Below is my Apache config. I'm aware that I don't check the certificates for validity. Right now they're just self-signed but that will change in the future.

##################################################################
###                                                            ###
###   Global Settings                                          ###
###                                                            ###
##################################################################

    DocumentRoot /var/ebc/apache2/www/htdocs
    <Location /fwcheck.html>
        <RequireAll>
            Require all granted
        </RequireAll>
    </Location>

##################################################################
###                                                            ###
###   Global SSL Settings                                      ###
###                                                            ###
##################################################################

    SSLProtocol             ALL -SSLv2 -SSLv3
    SSLProxyProtocol        ALL -SSLv2 -SSLv3
    SSLHonorCipherOrder     on
    SSLCipherSuite          ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!aNULL:!EDH
    SSLCompression          off
    SSLSessionTickets       off

    # OCSP Stapling, only in httpd 2.3.3 and later
    SSLUseStapling                      on
    SSLStaplingResponderTimeout         5
    SSLStaplingReturnResponderErrors    off
    SSLStaplingCache                    shmcb:/var/ebc/apache2/sslstaplingcache(128000)

##################################################################
###                                                            ###
###   Virtual Hosts                                            ###
###                                                            ###
##################################################################

<VirtualHost 10.173.144.43:80>
    ErrorLog /var/ebc/apache2/log/error.log
    CustomLog /var/ebc/apache2/log/access.log vhost_combined

    ##################################################################
    ###                                                            ###
    ###   Send everything to https except firewall check           ###
    ###   vhost config only for port 443 necessary.                ###
    ###   No further config for port 80.                           ###
    ###                                                            ###
    ##################################################################

        RewriteEngine On
        RewriteCond %{REQUEST_FILENAME} !fwcheck.html
        RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

    ##################################################################
</VirtualHost>

<VirtualHost 10.173.144.43:443>
    ServerName subdomain.my-domain.com
    ErrorLog /var/ebc/apache2/log/error.log
    CustomLog /var/ebc/apache2/log/access.log vhost_combined

    ##################################################################
    ###                                                            ###
    ###   SSL Settings                                             ###
    ###                                                            ###
    ##################################################################

        RequestHeader set ClientProtocol HTTPS
        SSLEngine       On
        SSLProxyEngine  On

        SSLCertificateFile      /var/ebc/apache2/ssl/subdomain.my-domain.com.crt
        SSLCertificateKeyFile   /var/ebc/apache2/ssl/subdomain.my-domain.com.key
        SSLCACertificateFile    /var/ebc/apache2/ssl/subdomain.my-domain.com.crt

        ProxyRequests       off
        ProxyPreserveHost   on

        # Disable certificate checks
        SSLProxyCheckPeerCN off
        SSLProxyCheckPeerName off

        # HSTS (15768000 seconds = 6 months)
        Header always set Strict-Transport-Security "max-age=15768000"

    ##################################################################
    ###                                                            ###
    ###   Locations                                                ###
    ###                                                            ###
    ##################################################################

        DocumentRoot /var/ebc/apache2/www/htdocs/prod

        <Location />
            Options None
            <RequireAll>
                Require all granted
            </RequireAll>
        </Location>

        <Location /web-status>
            <RequireAll>
                Require all denied
            </RequireAll>
        </Location>

        <Location /balancer-manager>
            <RequireAll>
                Require all denied
            </RequireAll>
        </Location>

    ##################################################################
</VirtualHost>

I don't really have an idea why this does not work. Can anyone give me a hint?

Thanks in advance guys, and regards, Sebastian

Your connection does not arrive on interface 10.173.144.43:443 so it's not handled by your VirtualHost. It hits the main server configuration which does not have SSL enabled.

If you don't care what local interface is used, use a * in VirtualHost.
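A small model of the address matching described in the answer, added here as an illustration (it is not code from the post or from Apache): it reports which config section would serve a connection arriving on a given local address, and whether SSL is enabled there. The function names, the trimmed sample config and the address 192.0.2.10 are constructed for the example; only IPv4 `ip:port` vhost addresses are handled.

```python
import re

# Constructed sample: the question's vhost layout, trimmed to the relevant lines.
SAMPLE_CONF = """
<VirtualHost 10.173.144.43:80>
    RewriteEngine On
</VirtualHost>
<VirtualHost 10.173.144.43:443>
    ServerName subdomain.my-domain.com
    SSLEngine On
</VirtualHost>
"""
# The answer's suggestion: bind the SSL vhost to any local interface.
FIXED_CONF = SAMPLE_CONF.replace("10.173.144.43:443", "*:443")

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
SSL_ON_RE = re.compile(r"^\s*SSLEngine\s+on\s*$", re.I | re.M)


def parse_vhosts(conf):
    """Return (ip, port, ssl_enabled) for each address of each <VirtualHost>."""
    vhosts = []
    for addrs, body in VHOST_RE.findall(conf):
        ssl = bool(SSL_ON_RE.search(body))
        for addr in addrs.split():
            ip, sep, port = addr.partition(":")
            vhosts.append((ip, port if sep else "*", ssl))
    return vhosts


def handler_for(conf, local_ip, local_port):
    """Name the section serving a connection that arrived on local_ip:local_port."""
    exact = wildcard = None
    for ip, port, ssl in parse_vhosts(conf):
        if port not in ("*", str(local_port)):
            continue
        if ip == local_ip and exact is None:
            exact = ("vhost %s:%s" % (ip, port), ssl)
        elif ip in ("*", "_default_") and wildcard is None:
            wildcard = ("vhost %s:%s" % (ip, port), ssl)
    # No vhost address matched: the main server config answers instead,
    # and it speaks TLS only if SSLEngine is on outside every <VirtualHost>.
    main_ssl = bool(SSL_ON_RE.search(VHOST_RE.sub("", conf)))
    return exact or wildcard or ("main server", main_ssl)


if __name__ == "__main__":
    for name, conf in (("original", SAMPLE_CONF), ("fixed", FIXED_CONF)):
        print(name, handler_for(conf, "192.0.2.10", 443))
```

When the result is `("main server", False)` for port 443, the listener answers in plain HTTP, which matches the "speaking plain HTTP to an SSL-enabled server port" symptom in the question.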
