主页 / server / 问题 / 392758
Accepted
zensys
Asked: 2012-05-26 10:16:00 +0800 CST

启用 mod ssl 后,apache 停止侦听端口 80

  • 772

我有一台安装了 zend server CE 的 ubuntu 12.04 服务器。我现在想启用 https,但是在根据文档“a2enmod ssl”和“apache 服务重启”执行了第一步之后,根据 netstat -tap |,apache 不在 443 上侦听,也不在 80 上侦听。grep http(s)!

这是我在错误日志中看到的内容,但我无法充分利用它:

    [Fri May 25 19:52:39 2012] [notice] caught SIGTERM, shutting down
[Fri May 25 19:52:41 2012] [warn] Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri May 25 19:52:41 2012] [notice] ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/) configured.
[Fri May 25 19:52:41 2012] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.6"
[Fri May 25 19:52:41 2012] [warn] ModSecurity: Loaded APR do not match with compiled!
[Fri May 25 19:52:41 2012] [notice] ModSecurity: PCRE compiled version="8.12"; loaded version="8.12 2011-01-15"
[Fri May 25 19:52:41 2012] [notice] ModSecurity: LUA compiled version="Lua 5.1"
[Fri May 25 19:52:41 2012] [notice] ModSecurity: LIBXML compiled version="2.7.8"
[Fri May 25 19:53:11 2012] [notice] ModSecurity for Apache/2.6.3 (http://www.modsecurity.org/) configured.
[Fri May 25 19:53:11 2012] [notice] ModSecurity: APR compiled version="1.4.5"; loaded version="1.4.6"
[Fri May 25 19:53:11 2012] [warn] ModSecurity: Loaded APR do not match with compiled!
[Fri May 25 19:53:11 2012] [notice] ModSecurity: PCRE compiled version="8.12"; loaded version="8.12 2011-01-15"
[Fri May 25 19:53:11 2012] [notice] ModSecurity: LUA compiled version="Lua 5.1"
[Fri May 25 19:53:11 2012] [notice] ModSecurity: LIBXML compiled version="2.7.8"
[Fri May 25 19:53:12 2012] [notice] Apache/2.2.22 (Ubuntu) PHP/5.3.8-ZS5.5.0 configured -- resuming normal operations

这是我的 httpd.conf:

    # Name based virtual hosting
<virtualhost *:80>

    ServerName www-redirect

    KeepAlive Off

    RewriteEngine On 
    RewriteCond %{HTTP_HOST} ^[^\./]+\.[^\./]+$ 
    RewriteRule ^/(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

</virtualhost>

Alias /shared/js "/home/web/library/js"
Alias /shared/image "/home/web/library/image"

<IfModule mod_expires.c>
          <FilesMatch "\.(jpe?g|png|gif|js|css|doc|rtf|xls|pdf)$">
                      ExpiresActive On
                      ExpiresDefault "access plus 1 week"
          </FilesMatch>
</IfModule>

ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn

<Directory />
    Options FollowSymLinks
    AllowOverride None
    Order allow,deny
        allow from all
</Directory>

<Location />
        RewriteEngine On
        RewriteCond %{REQUEST_FILENAME} -s [OR]
        RewriteCond %{REQUEST_FILENAME} -l [OR]
        RewriteCond %{REQUEST_FILENAME} -d
        RewriteRule ^.*$ - [NC,L]
        RewriteRule ^.*$ /index.php [NC,L]
</Location>

netstat -tap 给出:

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:mysql                 *:*                     LISTEN      765/mysqld      
tcp        0      0 *:pop3                  *:*                     LISTEN      744/dovecot     
tcp        0      0 *:imap2                 *:*                     LISTEN      744/dovecot     
tcp        0      0 *:http                  *:*                     LISTEN      19861/apache2   
tcp        0      0 *:smtp                  *:*                     LISTEN      30365/master    
tcp        0      0 *:4444                  *:*                     LISTEN      634/sshd        
tcp        0      0 *:kamanda               *:*                     LISTEN      1167/lighttpd   
tcp        0      0 *:imaps                 *:*                     LISTEN      744/dovecot     
tcp        0      0 *:amandaidx             *:*                     LISTEN      1167/lighttpd   
tcp        0      0 localhost.loc:amidxtape *:*                     LISTEN      19861/apache2   
tcp        0      0 *:pop3s                 *:*                     LISTEN      744/dovecot     
tcp        0    384 mail.mysite.:4444 231.214.14.37.dyn:41909 ESTABLISHED 19039/sshd: web [pr
tcp        0      0 localhost.localdo:mysql localhost.localdo:48252 ESTABLISHED 765/mysqld      
tcp        0      0 mail.mysite.:http 231.214.14.37.dyn:54686 TIME_WAIT   -               
tcp        0      0 mail.mysite.:4444 231.214.14.37.dyn:42419 ESTABLISHED 19372/sshd: web [pr
tcp        0      0 localhost.localdo:48252 localhost.localdo:mysql ESTABLISHED 19884/auth      
tcp        0      0 mail.mysite.:http 231.214.14.37.dyn:54685 TIME_WAIT   -               
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      744/dovecot     
tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      744/dovecot     
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN      30365/master    
tcp6       0      0 [::]:4444               [::]:*                  LISTEN      634/sshd        
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      744/dovecot     
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      744/dovecot

任何人都知道我做错了什么?也许我应该采取一些额外的步骤让 apache 监听 0n 443 但它完全停止监听 80 我无法理解。

apache-2.2 ssl https ubuntu-12.04 zend-server-ce

4 个回答

  1. Best Answer

    我没有做错任何事,但在升级到 Ubuntu 服务器 12.04 后,Zend Server CE 中的 SSL 支持被破坏了。与此同时,Zend 通过为 Ubuntu 12.04 提供单独的 Zend Server 5.6 存储库解决了这个问题。将此行添加到 /etc/apt/sources.list

    "deb http://repos.zend.com/zend-server/5.6.0_ubuntu1204/deb server non-free"

    这是相关的主题: http://forums.zend.com/viewtopic.php?f=8& t=65613

    • 6

  2. 您可以像这样启用 default-ssl 站点;

    ln -s /etc/apache2/sites-available/default-ssl /etc/apache2/sites-enabled/000-default-ssl

    这里有一些注意事项;
    http://www.tc.umn.edu/~brams006/selfsign_ubuntu.html

    你能粘贴你的netstat命令输出吗,像这样;

    # netstat -ltp | grep http
tcp        0      0 *:https                     *:*                         LISTEN      2592/httpd          
tcp        0      0 *:http                      *:*                         LISTEN      2592/httpd

    您也可以像这样将任何特定的启动错误记录到日志文件中;

     apachectl -E /var/log/httpd/startup-err.log -k start

    如果那没有告诉你问题所在,那么就像这样将它提升到最大值;

    apachectl -e debug -E /var/log/httpd/startup-err.log -k restart

    此外,apachectl -S将显示 httpd 所见的虚拟主机配置;

    # apachectl -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
_default_:443          workstation001.config (/etc/httpd/conf.d/ssl.conf:75)
*:80                   is a NameVirtualHost
         default server www-redirect (/etc/httpd/conf.d/mystupidsite.com.conf:1)
         port 80 namevhost www-redirect (/etc/httpd/conf.d/mystupidsite.com.conf:1)
Syntax OK
    • 1

  3. 禁用 Curl 模块,服务器将正常启动。

    手动禁用(因为 Zend Web 界面无法在服务器关闭时工作):

    1)编辑/usr/local/zend/etc/ext.d/curl.ini

    ;2)在前面放一个冒号extension=curl.so,你应该好好去,直到修复被释放

    PS Zend 说 Ubuntu 的修复应该很快就会出来。

    • 1

  4. 看看 /var/log/syslog 那里你会发现一些描述,比如:

    May 30 19:15:39 virtualdev kernel: [  397.265473] apache2[2009]: segfault at 0 ip 00007fa17e522eb6 sp 00007fffb5468f98 error 4 in libc-2.15.so[7fa17e3e7000+1b3000]

    这表明启用 mod ssl 时 libc-2.15.so 似乎存在问题。不确定谁会解决这个问题。

    • 0

相关问题