由于项目需要,需要在监听的80端口中,增加代理https请求
<Proxy balancer://abcsrc/>
BalancerMember https://abc.com:12580 loadfactor=1
</Proxy>
ProxyPass /abc/ balancer://abcsrc/abc/ timeout=15 maxattempts=2
ProxyPassReverse /abc balancer://abcsrc/abc/
配置转发
在apahce/config/httpd.conf配置https转发
SSLProxyEngine on
LoadModule ssl_module modules/mod_ssl.so
LoadModule rewrite_module modules/mod_rewrite.so
重启apache, 发现报错。
推测缺少mod_ssl模块
Invalid command 'SSLProxyEngine', perhaps misspelled or defined by a module
安装mod_ssl.so模块
1.查看apache版本
[root@www bin]# ./apachectl -v
Server version: Apache/2.2.34 (Unix)
Server built: Aug 4 2017 04:25:09
2.根据apache版本下载对应版本:apache历史版本下载 (好像要梯子,我是直接香港服务器下载的)
3.解压下载的版本文件 将modules下的loggers,ssl两个文件,放到服务器端apache的modules下。
\
4.进入服务端的modules/ssl目录下;
执行命令: apxs -i -c -a -D HAVE_OPENSSL=1 -I /usr/include/openssl -lcrypto -lssl -ldl *.c
如apxs 找不到命令, 需找到对应apache/bin目录下的apxs
[apps@myxlsdnwn001955 modules]$ cd ssl/
[apps@myxlsdnwn001955 ssl]$ /apps/svr/apache/bin/apxs -i -c -a -D HAVE_OPENSSL=1 -I /usr/include/openssl -lcrypto -lssl -ldl *.c
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o mod_ssl.lo mod_ssl.c && touch mod_ssl.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_config.lo ssl_engine_config.c && touch ssl_engine_config.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_dh.lo ssl_engine_dh.c && touch ssl_engine_dh.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_init.lo ssl_engine_init.c && touch ssl_engine_init.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_io.lo ssl_engine_io.c && touch ssl_engine_io.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_kernel.lo ssl_engine_kernel.c && touch ssl_engine_kernel.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_log.lo ssl_engine_log.c && touch ssl_engine_log.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_mutex.lo ssl_engine_mutex.c && touch ssl_engine_mutex.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_pphrase.lo ssl_engine_pphrase.c && touch ssl_engine_pphrase.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_rand.lo ssl_engine_rand.c && touch ssl_engine_rand.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_engine_vars.lo ssl_engine_vars.c && touch ssl_engine_vars.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_expr.lo ssl_expr.c && touch ssl_expr.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_expr_eval.lo ssl_expr_eval.c && touch ssl_expr_eval.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_expr_parse.lo ssl_expr_parse.c && touch ssl_expr_parse.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_expr_scan.lo ssl_expr_scan.c && touch ssl_expr_scan.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_scache.lo ssl_scache.c && touch ssl_scache.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_scache_dbm.lo ssl_scache_dbm.c && touch ssl_scache_dbm.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_scache_dc.lo ssl_scache_dc.c && touch ssl_scache_dc.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_scache_shmcb.lo ssl_scache_shmcb.c && touch ssl_scache_shmcb.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_util.lo ssl_util.c && touch ssl_util.slo
/apps/svr/apache/build/libtool --silent --mode=compile gcc -prefer-pic -DLINUX -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/apps/svr/apache/include -I/apps/svr/apache/include -I/apps/svr/apache/include -I/usr/include/openssl -DHAVE_OPENSSL=1 -c -o ssl_util_ssl.lo ssl_util_ssl.c && touch ssl_util_ssl.slo
/apps/svr/apache/build/libtool --silent --mode=link gcc -o mod_ssl.la -lcrypto -lssl -ldl -rpath /apps/svr/apache/modules -module -avoid-version ssl_util_ssl.lo ssl_util.lo ssl_scache_shmcb.lo ssl_scache_dc.lo ssl_scache_dbm.lo ssl_scache.lo ssl_expr_scan.lo ssl_expr_parse.lo ssl_expr_eval.lo ssl_expr.lo ssl_engine_vars.lo ssl_engine_rand.lo ssl_engine_pphrase.lo ssl_engine_mutex.lo ssl_engine_log.lo ssl_engine_kernel.lo ssl_engine_io.lo ssl_engine_init.lo ssl_engine_dh.lo ssl_engine_config.lo mod_ssl.lo
/apps/svr/apache/build/instdso.sh SH_LIBTOOL='/apps/svr/apache/build/libtool' mod_ssl.la /apps/svr/apache/modules
/apps/svr/apache/build/libtool --mode=install cp mod_ssl.la /apps/svr/apache/modules/
libtool: install: cp .libs/mod_ssl.so /apps/svr/apache/modules/mod_ssl.so
libtool: install: cp .libs/mod_ssl.lai /apps/svr/apache/modules/mod_ssl.la
libtool: install: cp .libs/mod_ssl.a /apps/svr/apache/modules/mod_ssl.a
libtool: install: chmod 644 /apps/svr/apache/modules/mod_ssl.a
libtool: install: ranlib /apps/svr/apache/modules/mod_ssl.a
libtool: finish: PATH="/opt/splunkforwarder/bin:/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/user/local/bin/:/apps/.local/bin:/apps/bin:/sbin" ldconfig -n /apps/svr/apache/modules
----------------------------------------------------------------------
Libraries have been installed in:
/apps/svr/apache/modules
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the '-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the 'LD_RUN_PATH' environment variable
during linking
- use the '-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to '/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
chmod 755 /apps/svr/apache/modules/mod_ssl.so
[activating module `ssl' in /apps/svr/apache/conf/httpd.conf]
5.进入modlues目录可以看到已经安装mod_ssl.so
在执行apxs可能报错误,如 ssl_toolkit_compat.h:33:25: 致命错误:openssl/ssl.h:没有那个文件或目录
解决方案:亲测有效
其他操作系统,安装下面依赖
sudo apt-get install libssl-dev build-essential libidn11-dev libidn11
在centos下,
yum install openssl-devel
yum install make automake gcc gcc-c++ kernel-devel
重启apache
重启web服务器, 在apache的bin目录下执行:./apachectl -k restart.
参考
