.net core dotnetcore kestrel服务器未通过反向代理接收请求
情况是,我在Debian stretch上使用了两台服务器,一台kestrel服务器用于托管Blazor服务器端应用程序,另一台Apache2.4用于将请求转发到kestrel服务器 我试图托管的站点是一个.app域,它强制使用HTTPS。我使用certbot安装了来自Let's Encrypt的证书 kestrel服务器在端口5001上侦听127.0.0.1。Apache服务器有一个虚拟配置集,它使用反向代理,将所有传入的请求转发到127.0.0.1:5001 但是,请求不会传递到kestrel服务器。在查看Apache日志时,我发现以下内容:.net core dotnetcore kestrel服务器未通过反向代理接收请求,.net-core,apache2,reverse-proxy,kestrel-http-server,blazor-server-side,.net Core,Apache2,Reverse Proxy,Kestrel Http Server,Blazor Server Side,情况是,我在Debian stretch上使用了两台服务器,一台kestrel服务器用于托管Blazor服务器端应用程序,另一台Apache2.4用于将请求转发到kestrel服务器 我试图托管的站点是一个.app域,它强制使用HTTPS。我使用certbot安装了来自Let's Encrypt的证书 kestrel服务器在端口5001上侦听127.0.0.1。Apache服务器有一个虚拟配置集,它使用反向代理,将所有传入的请求转发到127.0.0.1:5001 但是,请求不会传递到kestre
[Mon Dec 16 20:18:16.576931 2019] [proxy:debug] [pid 28760:tid 139662812688448] proxy_util.c(1776): AH00925: initializing worker https://127.0.0.1:5001 shared
[Mon Dec 16 20:18:16.576956 2019] [proxy:debug] [pid 28760:tid 139662812688448] proxy_util.c(1818): AH00927: initializing worker https://127.0.0.1:5001 local
[Mon Dec 16 20:18:16.576971 2019] [proxy:debug] [pid 28760:tid 139662812688448] proxy_util.c(1853): AH00930: initialized pool in child 28760 for (127.0.0.1) min=0 max=25 smax=25
[Mon Dec 16 20:18:16.577334 2019] [proxy:debug] [pid 28759:tid 139662812688448] proxy_util.c(1776): AH00925: initializing worker https://127.0.0.1:5001 shared
[Mon Dec 16 20:18:16.577357 2019] [proxy:debug] [pid 28759:tid 139662812688448] proxy_util.c(1818): AH00927: initializing worker https://127.0.0.1:5001 local
[Mon Dec 16 20:18:16.577370 2019] [proxy:debug] [pid 28759:tid 139662812688448] proxy_util.c(1853): AH00930: initialized pool in child 28759 for (127.0.0.1) min=0 max=25 smax=25
,该站点无法提供安全连接
虚拟主机配置如下所示:
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RewriteEngine on
RewriteCond %{SERVER_NAME} =privateinfo.app [OR]
RewriteCond %{SERVER_NAME} =https://privateinfo.app
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:*>
ServerAdmin admin@privateinfo.app
ServerName https://privateinfo.app
ServerAlias https://privateinfo.app
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass /privateinfo.app https://127.0.0.1:5001
ProxyPassReverse /privateinfo.app https://127.0.0.1:5001
LogLevel info ssl:warn warn debug
ErrorLog ${APACHE_LOG_DIR}/privateinfo.app/error.log
CustomLog ${APACHE_LOG_DIR}/privateinfo.app/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias privateinfo.app
SSLCertificateFile /etc/letsencrypt/live/privateinfo.app/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/privateinfo.app/privkey.pem
</VirtualHost>
如果我忽略了什么,为什么Apache服务器不将请求转发给kestrel服务器?发现配置有问题。
该应用程序是从apache www目录中的一个文件夹中提供的
为其提供以下文件夹结构/www/privateinfo.app
我发现的第二个问题是从错误的文件夹运行app.dll。
这需要在/www/privatinfo.app/publish目录中完成
使用Apache2和反向代理对我有效的配置:
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RewriteEngine on
RewriteCond %{SERVER_NAME} =privateinfo.app [OR]
RewriteCond %{SERVER_NAME} =https://privateinfo.app
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:*>
ServerAdmin admin@privateinfo.app
ServerName https://privateinfo.app
ServerAlias https://privateinfo.app
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass / https://127.0.0.1:5001
ProxyPassReverse / https://127.0.0.1:5001
LogLevel info ssl:warn warn debug
ErrorLog ${APACHE_LOG_DIR}/privateinfo.app/error.log
CustomLog ${APACHE_LOG_DIR}/privateinfo.app/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias privateinfo.app
SSLCertificateFile /etc/letsencrypt/live/privateinfo.app/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/privateinfo.app/privkey.pem
</VirtualHost>
RequestHeader集合“X-Forwarded-Proto”expr=%{REQUEST_SCHEME}
重新启动发动机
RewriteCond%{SERVER_NAME}=privateinfo.app[或]
重写cond%{SERVER_NAME}=https://privateinfo.app
重写规则^https://%{SERVER_NAME}%{REQUEST_URI}[END,NE,R=permanent]
服务器管理员admin@privateinfo.app
服务器名https://privateinfo.app
服务器别名https://privateinfo.app
SSLProxyEngine打开
代理主机
ProxyPass/https://127.0.0.1:5001
ProxyPassReverse/https://127.0.0.1:5001
日志级别信息ssl:警告调试
ErrorLog${APACHE_LOG_DIR}/privateinfo.app/error.LOG
CustomLog${APACHE_LOG_DIR}/privateinfo.app/access.LOG组合
Include/etc/letsencrypt/options-ssl-apache.conf
ServerAlias privateinfo.app
SSLCertificateFile/etc/letsencrypt/live/privateinfo.app/fullchain.pem
SSLCertificateKeyFile/etc/letsencrypt/live/privateinfo.app/privkey.pem
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RewriteEngine on
RewriteCond %{SERVER_NAME} =privateinfo.app [OR]
RewriteCond %{SERVER_NAME} =https://privateinfo.app
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:*>
ServerAdmin admin@privateinfo.app
ServerName https://privateinfo.app
ServerAlias https://privateinfo.app
SSLProxyEngine On
ProxyPreserveHost On
ProxyPass / https://127.0.0.1:5001
ProxyPassReverse / https://127.0.0.1:5001
LogLevel info ssl:warn warn debug
ErrorLog ${APACHE_LOG_DIR}/privateinfo.app/error.log
CustomLog ${APACHE_LOG_DIR}/privateinfo.app/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
ServerAlias privateinfo.app
SSLCertificateFile /etc/letsencrypt/live/privateinfo.app/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/privateinfo.app/privkey.pem
</VirtualHost>