3

我正在使用 apache mod_proxy 反向代理到在非标准端口上工作的后端 HTTPS 服务器(被多个防火墙阻止,因此需要反向代理)。

客户端通过 HTTPS 连接到 apache,然后再连接到我认为是 nginx 或 tomcat 服务器(后端服务器是 Zimbra 邮件服务器管理控制台)。

我在日志中收到以下错误

[Thu Jun 27 11:35:26 2013] [debug] mod_proxy_http.c(56): proxy: HTTP: canonicalising URL //[internal_url]:7071/
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(1506): [client [client_ip] proxy: https: found worker https://[internal_url]:7071/ for https://[internal_url]:7071/
[Thu Jun 27 11:35:26 2013] [debug] mod_proxy.c(968): Trying to run scheme_handler against proxy
[Thu Jun 27 11:35:26 2013] [debug] mod_proxy_http.c(1973): proxy: HTTP: serving URL https://[internal_url]:7071/
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(1949): proxy: HTTPS: retrying the worker for ([internal_url])
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(1955): proxy: HTTPS: worker for ([internal_url]) has been marked for retry
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(2011): proxy: HTTPS: has acquired connection for ([internal_url])
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(2067): proxy: connecting https://[internal_url]:7071/ to [internal_url]:7071
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(2193): proxy: connected https://[internal_url]:7071/ to [internal_url]:7071
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(2444): proxy: HTTPS: fam 2 socket created to connect to [internal_url]
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(2285): proxy: CONNECT: sending the CONNECT request for [internal_url]:7071 to the remote proxy [internal_ip]:7071 ([internal_url])
[Thu Jun 27 11:35:26 2013] [error] (70014)End of file found: proxy: HTTPS: attempt to connect to [internal_url]:7071 via http CONNECT through [internal_ip]:7071 ([internal_url]) failed
[Thu Jun 27 11:35:26 2013] [error] ap_proxy_connect_backend disabling worker for ([internal_url])
[Thu Jun 27 11:35:26 2013] [debug] proxy_util.c(2029): proxy: HTTPS: has released connection for ([internal_url])

在安装了“apache2 2.2.22-6ubuntu2.2”和“libapache2-mod-proxy-html 3.0.1-1.1”软件包的 Ubuntu 12.10 服务器上使用以下配置

    ProxyRequests   on
    ProxyRemote     *       https://[internal_url]:7071
    ProxyPass       /       https://[internal_url]:7071/
    ProxyPassReverse        /       https://[internal_url]:7071/
    ProxyPassReverseCookieDomain    [internal_url] [external_url]

    SSLProxyEngine  on

    ProxyPreserveHost       on
    ProxyVia        on

我不知道我还能做什么。后端服务器站点可以通过 lynx 从 apache 服务器访问,所以这对我来说不是一个明显的问题。

4

1 回答 1

2

如果我正确理解您的问题 - 您的沟通路线如下所示

浏览器 Apache 后端服务器

在这种情况下,您必须删除 ProxyRemote 指令 - 因为仅当您通过另一个代理与后端服务器通信时才需要它。

于 2013-07-17T17:09:06.293 回答