求助 http2.4.27 加载ssl模块问题
环境:
http2.4.27
php5.6.30
opensll 1.0.2l
ppc-linux-gcc 嵌入式设备
描述:
a.未加载ssl模块 http请求可以响应
b.加载ssl模块 不做重定向或者重写 http请求可以响应 https请求可以响应
c加载ssl模块 做了http 跳转https 响应了http请求,但是浏览器无法收到 301跳转消息包
通过分析代码 http已经处理生成了301消息报文,但是apr_socket阻塞住无法发出;
http-ssl.conf
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCacheTimeout 300
<VirtualHost _default_:443>
#General setup for the virtual host
DocumentRoot "/mnt/apps/apache/htdocs"
ServerName 10.20.1.139:443
ServerAdmin qqzgh@163.com
ErrorLog "/mnt/apps/apache/logs/error_log"
TransferLog "/mnt/apps/apache/logs/access_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/mnt/apps/apache/conf/server.crt"
SSLCertificateKeyFile "/mnt/apps/apache/conf/server.key"
#SSLCertificateChainFile "/mnt/apps/apache/conf/server-ca.crt"
#SSLCACertificatePath "D:/Program Files/Apache2/conf/ssl.crt"
#SSLCACertificateFile "/mnt/apps/apache/conf/ssl.crt/ca-bundle.crt"
#SSLCARevocationPath "D:/Program Files/Apache2/conf/ssl.crl"
#SSLCARevocationFile "D:/Program Files/Apache2/conf/ssl.crl/ca-bundle.crl"
#SSLVerifyClient require
#SSLVerifyDepth 10
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/mnt/apps/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/mnt/apps/apache/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
SetEnv nokeepalive ssl-unclean-shutdown
</VirtualHost>
http.conf 重定向相关部分
SetEnv nokeepalive force-response-1.0
<VirtualHost *:80>
ServerName 10.20.1.237
Redirect permanent / https://10.20.1.151/
</VirtualHost>