Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Apache not reachable over https, http ok |
|
| Author |
|
wilfredd
Joined: 12 Aug 2014
Posts: 4
Location: ehv
|
 Posted: Tue 12 Aug '14 14:32 Post subject: Apache not reachable over https, http ok |
 |
|
Hello,
Our website (contained in Tomcat 7.0.52) sometimes is unreachable via https. Via http the site is reachable.
Also directly on the server the site is reachable via localhost:8080 (directly via Tomcat).
Our problem seems to be something in SSL. No errors are logged.
What can be the issue here?
Apache/2.4.9 (Win64) OpenSSL/1.0.1g
We are using the Windows x64 binaries as provided @ https://www.apachelounge.com/download/win64/
Installed on Windows Web Server 2008 R2 (sp1)
Processor: Intel(R) Xeon(R)CPU E5-2660 0 @2.20Ghz (@vmWare)
Installed memory (RAM): 2,00 GB
Conf file:
ServerName xxx.xxx.com
SSLEngine On
SSLProtocol all
SSLCertificateFile E:/Apache24/conf/ssl/xxx.cer SSLCertificateKeyFile E:/Apache24/conf/ssl/xxx.key
TransferLog E:/Apache24/logs/xxx.local-access.log
ErrorLog E:/Apache24/logs/xxx.local-error.log
DocumentRoot "E:\xxx\web"
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/xxx
RewriteRule ^(.*)$ /xxx$1 [QSA,R]
ProxyRequests Off
ProxyPreserveHost On
#ProxyPass /repository !
ProxyPass /xxx ajp://localhost:8009/xxx
ProxyPassReverse /xxx ajp://localhost:8009/xxx
# compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
<Directory "E:\xxx\web">
AllowOverride All
Order allow,deny
Allow from All
Require all granted
</Directory>
<Location /xxx>
</Location> |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Wed 13 Aug '14 17:38 Post subject: |
|
|
| You need to have 2 vhosts if you wanna serv http and https as reverse proxy |
|
| Back to top |
|
wilfredd
Joined: 12 Aug 2014
Posts: 4
Location: ehv
|
| Posted: Thu 14 Aug '14 9:08 Post subject: |
|
|
Normally the server is configured only to serve https:
| Code: | ServerName xxx.xxx.com
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R,L] |
To investigate the problem, we decided to serve over http also, so now we added a virtual host for http:
| Code: | ServerName xxx.xxx.com
TransferLog E:/Apache24/logs/xxx.local-access.log
ErrorLog E:/Apache24/logs/xxx.local-error.log
DocumentRoot "E:\xxx\web"
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/xxx
RewriteRule ^(.*)$ /xxx$1 [QSA,R]
ProxyRequests Off
ProxyPreserveHost On
#ProxyPass /repository !
ProxyPass /xxx ajp://localhost:8009/xxx
ProxyPassReverse /xxx ajp://localhost:8009/xxx
# compress text, html, javascript, css, xml:
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/x-javascript
<Directory "E:\xxx\web">
AllowOverride All
Order allow,deny
Allow from All
Require all granted
</Directory>
<Location /xxx>
</Location> |
|
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg
|
| Posted: Thu 14 Aug '14 9:58 Post subject: |
|
|
| in your config I miss the <VirtualHost *:80> and <VirtualHost *:443> |
|
| Back to top |
|
wilfredd
Joined: 12 Aug 2014
Posts: 4
Location: ehv
|
| Posted: Thu 14 Aug '14 14:09 Post subject: |
|
|
Indeed both config start with:
| Code: | | <VirtualHost <internal ip adres of the server>:80> |
and
| Code: | | <VirtualHost <internal ip adres of the server>:443> |
I don't know why the internal ip adres is used and not the external, but this shouldn't be a problem? Should it? |
|
| Back to top |
|
wilfredd
Joined: 12 Aug 2014
Posts: 4
Location: ehv
|
| Posted: Thu 14 Aug '14 14:44 Post subject: |
|
|
I've read something about adding the following to config:
| Code: | AcceptFilter http none
AcceptFilter https none
EnableSendfile off
EnableMMAP off |
But I don't know if this has anything to do it? |
|
| Back to top |
|
|
|
|
|
|
