所以我把我的 Domoticz(RPi 上的家庭自动化软件)放在了代理后面,这样就可以从外部 HTTPS 地址访问它。这适用于它自己的 Web 界面,但对于它提供的API,出现了问题。
如果我在浏览器中输入以下 URL,它可以正常工作:
http://localDomoticzIP:port/json.htm?username=MkE=&password=OVM=&type=command¶m=getversion
但是,如果我使用 HTTPS 版本,则会收到 401 错误:
https://myExternalURL.com/domoticz/json.htm?username=MkE=&password=OVM=&type=command¶m=getversion
如您所见,变化不大,但一个有效,一个无效。
从myExternalURL.com/domoticz/到的转换localDomoticzIP:port发生在 Apache 中,其中的配置文件如下所示:
<VirtualHost *:443>
ServerName myExternalURL.com
ErrorLog ${APACHE_LOG_DIR}/port_443_error.log
CustomLog ${APACHE_LOG_DIR}/port_443_access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/myExternalURL.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/myExternalURL.com/privkey.pem
SSLProxyEngine on
ProxyPreserveHost On
ProxyRequests Off
RewriteEngine on
# I don't THINK the 3 lines below are important, since it's there for a
different web page, but I'll leave it in, in case it may mess with
something me knowing
# When Upgrade:websocket header is present, redirect to ws
# Using NC flag (case-insensitive) as some browsers will pass Websocket
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule .* ws://127.0.0.1:8000/socket.io%{REQUEST_URI} [P]
RewriteRule ^/domoticz$ /domoticz/ [R=307]
# The two lines below are for another web page
RewriteRule ^/sprinklers/node$ /sprinklers/node/ [R=307]
RewriteRule ^/sprinklers$ /sprinklers/ [R=307]
ProxyPassMatch /domoticz\/?(.*) https://127.0.0.1:444/$1
ProxyPassReverse /domoticz\/?(.*) https://127.0.0.1:444/$1
# The four lines below are for another web page
ProxyPassMatch /sprinklers/node(\/?)(.*) http://127.0.0.1:8000/$2
ProxyPassReverse /sprinklers/node(\/?)(.*) http://127.0.0.1:8000/$2
ProxyPassMatch /sprinklers(\/?)(.*) http://127.0.0.1:8091/$2
ProxyPassReverse /sprinklers(\/?)(.*) http://127.0.0.1:8091/$2
</VirtualHost>
就像我说的,myExternalURL.com/domoticz/在浏览器中访问可以正常工作,但是如果我向其中添加 API 调用,它总是返回 401。
我也尝试过从 HTML 页面设置授权标头,但结果相同:401。
有没有人知道可能是什么正在改变,并导致这些 401 错误?