https上的php soap api调用不起作用
我在debian上安装了一个php soap服务器api,使用nginx作为apache的代理。 Soap调用可以在http上正常工作,但不能在https上正常工作 nginx的配置如下https上的php soap api调用不起作用,php,apache,web-services,soap,nginx,Php,Apache,Web Services,Soap,Nginx,我在debian上安装了一个php soap服务器api,使用nginx作为apache的代理。 Soap调用可以在http上正常工作,但不能在https上正常工作 nginx的配置如下 server { listen 443 ssl; server_name <sub domain name>; ssl on; ssl_certificate /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt;
server {
listen 443 ssl;
server_name <sub domain name>;
ssl on;
ssl_certificate /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt;
ssl_certificate_key /etc/nginx/ssl/dev/wildcard.<dm name>.key;
location / {
proxy_redirect off;
proxy_pass https://localhost:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
# return 301 https://$host$request_uri;
server_name <sub domain name>;
location / {
proxy_pass http://<server ip>:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
<VirtualHost *:8081>
ServerName <my sub domain>
ServerAlias www.<my sub domain>
SSLEngine on
SSLCertificateFile /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt
SSLCertificateKeyFile /etc/nginx/ssl/dev/wildcard.<dm name>.net.key
#SSLProtocol ALL -SSLv2 -SSLv3
#SSLVerifyClient none
#SSLVerifyDepth 1
#SSLHonorCipherOrder On
#SSLCipherSuite
DocumentRoot /var/www/<project folder>
<Directory /var/www/<project folder>>
Options FollowSymLinks -Indexes
AllowOverride All
Order Allow,Deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
NameVirtualHost *:8080
Listen 8080
<IfModule mod_ssl.c>
NameVirtualHost *:8081
# # If you add NameVirtualHost *:443 here, you will also have to change
# # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# # to <VirtualHost *:443>
# # Server Name Indication for SSL named virtual hosts is currently not
# # supported by MSIE on Windows XP.
Listen 8081
</IfModule>
<IfModule mod_gnutls.c>
Listen 8081
</IfModule>
服务器{
听443ssl;
服务器名称;
ssl-on;
ssl_证书/etc/nginx/ssl/dev/wildcard.-chained.crt;
ssl\u证书\u密钥/etc/nginx/ssl/dev/wildcard..key;
地点/{
代理_重定向关闭;
代理通行证https://localhost:8081;
代理设置头主机$Host;
代理集头X-Real-IP$remote\u addr;
proxy\u set\u header X-Forwarded-For$proxy\u add\u X\u Forwarded\u For;
代理集头X-Forwarded-Proto$方案;
}
}
服务器{
听80;
#返回301 https://$host$request\u uri;
服务器名称;
地点/{
代理传递http://:8080;
代理设置头主机$Host;
代理集头X-Real-IP$remote\u addr;
proxy\u set\u header X-Forwarded-For$proxy\u add\u X\u Forwarded\u For;
代理集头X-Forwarded-Proto$方案;
}
}
apache的配置如下
server {
listen 443 ssl;
server_name <sub domain name>;
ssl on;
ssl_certificate /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt;
ssl_certificate_key /etc/nginx/ssl/dev/wildcard.<dm name>.key;
location / {
proxy_redirect off;
proxy_pass https://localhost:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
# return 301 https://$host$request_uri;
server_name <sub domain name>;
location / {
proxy_pass http://<server ip>:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
<VirtualHost *:8081>
ServerName <my sub domain>
ServerAlias www.<my sub domain>
SSLEngine on
SSLCertificateFile /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt
SSLCertificateKeyFile /etc/nginx/ssl/dev/wildcard.<dm name>.net.key
#SSLProtocol ALL -SSLv2 -SSLv3
#SSLVerifyClient none
#SSLVerifyDepth 1
#SSLHonorCipherOrder On
#SSLCipherSuite
DocumentRoot /var/www/<project folder>
<Directory /var/www/<project folder>>
Options FollowSymLinks -Indexes
AllowOverride All
Order Allow,Deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
NameVirtualHost *:8080
Listen 8080
<IfModule mod_ssl.c>
NameVirtualHost *:8081
# # If you add NameVirtualHost *:443 here, you will also have to change
# # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# # to <VirtualHost *:443>
# # Server Name Indication for SSL named virtual hosts is currently not
# # supported by MSIE on Windows XP.
Listen 8081
</IfModule>
<IfModule mod_gnutls.c>
Listen 8081
</IfModule>
服务器名
服务器别名www。
斯伦金安
SSLCertificateFile/etc/nginx/ssl/dev/wildcard.-chained.crt
SSLCertificateKeyFile/etc/nginx/ssl/dev/wildcard..net.key
#SSLProtocol ALL-SSLv2-SSLv3
#SSLVERIFYCLENT无
#SSLVerifyDepth 1
#SSLHonorCipherOrder开启
#SSLCipherSuite
DocumentRoot/var/www/
选项下面的符号链接-索引
允许超越所有
命令允许,拒绝
通融
SSLRequireSSL
我对apache ports.conf进行了如下更改
server {
listen 443 ssl;
server_name <sub domain name>;
ssl on;
ssl_certificate /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt;
ssl_certificate_key /etc/nginx/ssl/dev/wildcard.<dm name>.key;
location / {
proxy_redirect off;
proxy_pass https://localhost:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
# return 301 https://$host$request_uri;
server_name <sub domain name>;
location / {
proxy_pass http://<server ip>:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
<VirtualHost *:8081>
ServerName <my sub domain>
ServerAlias www.<my sub domain>
SSLEngine on
SSLCertificateFile /etc/nginx/ssl/dev/wildcard.<dm name>-chained.crt
SSLCertificateKeyFile /etc/nginx/ssl/dev/wildcard.<dm name>.net.key
#SSLProtocol ALL -SSLv2 -SSLv3
#SSLVerifyClient none
#SSLVerifyDepth 1
#SSLHonorCipherOrder On
#SSLCipherSuite
DocumentRoot /var/www/<project folder>
<Directory /var/www/<project folder>>
Options FollowSymLinks -Indexes
AllowOverride All
Order Allow,Deny
Allow from all
SSLRequireSSL
</Directory>
</VirtualHost>
NameVirtualHost *:8080
Listen 8080
<IfModule mod_ssl.c>
NameVirtualHost *:8081
# # If you add NameVirtualHost *:443 here, you will also have to change
# # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# # to <VirtualHost *:443>
# # Server Name Indication for SSL named virtual hosts is currently not
# # supported by MSIE on Windows XP.
Listen 8081
</IfModule>
<IfModule mod_gnutls.c>
Listen 8081
</IfModule>
NameVirtualHost*:8080
听8080
名称虚拟主机*:8081
##如果您在此处添加NameVirtualHost*:443,您还必须进行更改
##/etc/apache2/sites available/default ssl中的VirtualHost语句
##至
##SSL命名虚拟主机的服务器名称指示当前不可用
##由Windows XP上的MSIE支持。
听8081
听8081
请告诉我我错过了什么。
当我在本地使用php客户机并进行soap调用时,如果url是http,它就可以工作,但是如果url是https,它就不工作
我也没有看到任何有用的错误消息。您的域证书对于localhost无效,因此Nginx将拒绝它。连接到localhost时,您不需要SSL,因此只需将Nginx代理的HTTPS侦听器设置为Apache的HTTP侦听器。您的域证书对于localhost无效,因此Nginx将拒绝它。无论如何,连接到本地主机时不需要SSL,因此只需将Nginx代理的HTTPS侦听器设置为Apache的HTTP侦听器即可。谢谢。我做了改变,但仍然不起作用。我将nginx HTTPS listener conf更改为proxy_pass http://:8080;我可以通过https使用浏览器访问soap文件,但简单的php soap客户端调用不起作用$vLocation='https://'$client=newsoapclient(“”,数组(“location”=>$vLocation,“trace”=>1,'cache\u wsdl'=>wsdl\u cache\u NONE))$vFunctions=$client->_getFunctions();同一个php soap应用程序托管在不同的服务器上,在该服务器上,当我执行openssl s_client-connect-ssl3时,我无法访问vhost配置工作。我获得“已连接”(00000003)140735331525456:错误:1409E0E5:SSL例程:SSL3_写入_字节:SSL握手失败:s3_pkt.c:598:`我的nginx配置SSL_协议SSLv3 TLSv1 TLSv1.1 TLSv1.2中有以下内容;任何想法都可以。我做了改变,但仍然不起作用。我将nginx HTTPS listener conf更改为proxy_pass http://:8080;我可以通过https使用浏览器访问soap文件,但简单的php soap客户端调用不起作用$vLocation='https://'$client=newsoapclient(“”,数组(“location”=>$vLocation,“trace”=>1,'cache\u wsdl'=>wsdl\u cache\u NONE))$vFunctions=$client->_getFunctions();同一个php soap应用程序托管在不同的服务器上,在该服务器上,当我执行openssl s_client-connect-ssl3时,我无法访问vhost配置工作。我获得“已连接”(00000003)140735331525456:错误:1409E0E5:SSL例程:SSL3_写入_字节:SSL握手失败:s3_pkt.c:598:`我的nginx配置SSL_协议SSLv3 TLSv1 TLSv1.1 TLSv1.2中有以下内容;有什么想法吗