在 Fedora 22 上使用 SSL 超时
Time Out using SSL on Fedora 22
自从我将 Fedora 14 升级到 22 后,当我尝试在我的服务器上打开 https 页面时,我一直收到 ERR_CONNECTION_TIMED_OUT。
linode 云上的服务器 运行,并添加了一个 "A/AAAA Record",如下所示:
HOSTNAME ssl_page.mysite.com
IP ADDRESS xxx.xxx.xxx.xxx
TTL Default
我的 vhost.conf 看起来像这样:
<VirtualHost *:80>
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /var/www/html/mysite
ErrorLog /var/www/html/mysite/logs/error.log
CustomLog /var/www/html/mysite/logs/access.log combined
</VirtualHost>
我的 ssl.conf 看起来像:
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
<VirtualHost _default_:443>
DocumentRoot "/var/www/html/ssl_page"
ServerName ssl_page.mysite.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite PROFILE=SYSTEM
SSLCertificateFile /etc/pki/tls/certs/ssl_page.mysite.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/ssl_page.mysite.com.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
“/var/log/http/ssl_error”或“/var/www/http/ssl_page/logs/error.log”都没有关于此问题的消息。
我什至试过禁用 firewalld,但它也不起作用。
有人知道发生了什么事吗?
终于成功了,我只需要这样改变我的ssl.conf:
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
<VirtualHost *:80>
ServerName ssl_page.mysite.com
DocumentRoot /var/www/html/ssl_page
Redirect permanent / https://ssl_page.mysite.com
</VirtualHost>
<VirtualHost _default_:443>
DocumentRoot "/var/www/html/ssl_page"
ServerName ssl_page.mysite.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite PROFILE=SYSTEM
SSLCertificateFile /etc/pki/tls/certs/ssl_page.mysite.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/ssl_page.mysite.com.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
缺少的是重定向指令。
谢谢大家!!!
自从我将 Fedora 14 升级到 22 后,当我尝试在我的服务器上打开 https 页面时,我一直收到 ERR_CONNECTION_TIMED_OUT。 linode 云上的服务器 运行,并添加了一个 "A/AAAA Record",如下所示:
HOSTNAME ssl_page.mysite.com
IP ADDRESS xxx.xxx.xxx.xxx
TTL Default
我的 vhost.conf 看起来像这样:
<VirtualHost *:80>
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /var/www/html/mysite
ErrorLog /var/www/html/mysite/logs/error.log
CustomLog /var/www/html/mysite/logs/access.log combined
</VirtualHost>
我的 ssl.conf 看起来像:
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
<VirtualHost _default_:443>
DocumentRoot "/var/www/html/ssl_page"
ServerName ssl_page.mysite.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite PROFILE=SYSTEM
SSLCertificateFile /etc/pki/tls/certs/ssl_page.mysite.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/ssl_page.mysite.com.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
“/var/log/http/ssl_error”或“/var/www/http/ssl_page/logs/error.log”都没有关于此问题的消息。
我什至试过禁用 firewalld,但它也不起作用。
有人知道发生了什么事吗?
终于成功了,我只需要这样改变我的ssl.conf:
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
<VirtualHost *:80>
ServerName ssl_page.mysite.com
DocumentRoot /var/www/html/ssl_page
Redirect permanent / https://ssl_page.mysite.com
</VirtualHost>
<VirtualHost _default_:443>
DocumentRoot "/var/www/html/ssl_page"
ServerName ssl_page.mysite.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite PROFILE=SYSTEM
SSLCertificateFile /etc/pki/tls/certs/ssl_page.mysite.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/ssl_page.mysite.com.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
缺少的是重定向指令。
谢谢大家!!!