当我curl --insecure 'https://foo.ngrok.io/page'在我的基于 Apache IP 的虚拟主机的 TLS 隧道上运行时,我收到“400 Bad Request”响应,说“您的浏览器发送了此服务器无法理解的请求......原因:您说的是普通 HTTP启用 SSL 的服务器端口...请改用 HTTPS 方案访问此 URL。”
但是,如果我使用 curl 直接向我的本地主机地址发出请求,例如curl --insecure 'https://foo/page'我会得到正确的响应。另外,如果我在浏览器中发出请求,https://foo.ngrok.io/page我会得到正确的响应。
我正在运行:OS X 10.9.5、Apache 2.4、ngrok2 和 curl 7.43.0。我的 SSL 证书是自签名的。
我从访问日志中注意到的是,当我使用 curl on 时foo.ngrok.io,我的HTTP/1.1请求已更改为HTTP/1.0请求。此外,这是我的错误日志中相应的相关位:
ssl_engine_kernel.c(1824): [client 127.0.0.2:50517] OpenSSL: Exit: error in SSLv2/v3 read client hello A
[client 127.0.0.2:50517] AH01996: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page
SSL Library Error: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request -- speaking HTTP to HTTPS port!?
protocol.c(616): [client 127.0.0.2:50517] Request received from client: GET / HTTP/1.0
http_filters.c(1042): [client 127.0.0.2:50517] Response sent with status 400, headers:
Apache 虚拟主机配置
Listen 127.0.0.2:443
<VirtualHost 127.0.0.2:443>
ServerName foo
DocumentRoot /Users/me/site
ErrorLog "/usr/local/var/log/apache2/foo_error_log"
CustomLog "/usr/local/var/log/apache2/foo_access_log" common
<Directory "/Users/me/site">
AllowOverride All
Allow from All
Options -Indexes
</Directory>
<IfModule ssl_module>
SSLEngine on
<Directory "/Users/me/site">
SSLOptions +StdEnvVars
</Directory>
SSLCertificateKeyFile "/usr/local/etc/apache2/2.4/ssl/foo.key"
SSLCertificateFile "/usr/local/etc/apache2/2.4/ssl/foo.crt"
</IfModule>
</VirtualHost>
Apache SSL 配置
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/urandom 512
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/usr/local/var/run/apache2/ssl_scache(512000)"
SSLSessionCacheTimeout 300
ngrok.yml 配置
authtoken: <omitted>
tunnels:
foo:
addr: 127.0.0.2:443
proto: tls
hostname: "foo.ngrok.io"