Apache:cURL:ssl3\u get\u记录:apache2 ssl的版本号错误
我有一个同时运行2个Magento站点的服务器。站点1在SSL下工作正常,而站点2在我每次访问时都返回一个错误 我尝试使用cURL测试网站:Apache:cURL:ssl3\u get\u记录:apache2 ssl的版本号错误,ssl,curl,apache2.4,Ssl,Curl,Apache2.4,我有一个同时运行2个Magento站点的服务器。站点1在SSL下工作正常,而站点2在我每次访问时都返回一个错误 我尝试使用cURL测试网站: curl -v https://example2-domain.com/ cURL抛出以下错误: * Trying 97.74.223.135... * TCP_NODELAY set * Connected to example2-domain.com (97.74.233.135) port 443 (#0) * ALPN, offering h
curl -v https://example2-domain.com/
cURL抛出以下错误:
* Trying 97.74.223.135...
* TCP_NODELAY set
* Connected to example2-domain.com (97.74.233.135) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* (304) (OUT), TLS handshake, Client hello (1):
* error:1408F10B:SSL routines:ssl3_get_record:wrong version number
* stopped the pause stream!
* Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
以下是Apache VirtualHost块供参考:
<VirtualHost 97.74.233.135:8080>
ServerName www.example-domain.com
ServerAlias example-domain.com
DocumentRoot /home/example/public_html
DirectoryIndex index.php
ServerAdmin webmaster@example-domain.com
UseCanonicalName Off
ScriptAlias /cgi-bin/ /home/example/public_html/cgi-bin/
<Directory /home/example/public_html>
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost 97.74.233.135:8080>
ServerName example-domain2.com
DocumentRoot /home/example2/public_html
DirectoryIndex index.php
ServerAdmin webmaster@example-domain2.com
UseCanonicalName Off
ScriptAlias /cgi-bin/ /home/example2/public_html/cgi-bin/
<Directory /home/example2/public_html>
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost 97.74.233.135:443>
ServerAdmin webmaster@example-domain.com
ServerName www.example-domain.com
LogLevel warn
ErrorLog /var/log/apache2/example-domain.com-ssl-error.log
CustomLog /var/log/apache2/example-domain.com-ssl-access.log combined
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:6081/
ProxyPassReverse / http://127.0.0.1:6081/
RequestHeader set X-Forwarded-Port "443"
RequestHeader set X-Forwarded-Proto "https"
SSLEngine On
SSLCertificateFile /ssl/example-domain.crt
SSLCertificateKeyFile /ssl/example-domain-key.txt
SSLCertificateChainFile /ssl/example-domain.ca-bundle
</VirtualHost>
<VirtualHost 97.74.233.135:443>
ServerAdmin webmaster@example-domain2.com
ServerName example-domain2.com
LogLevel warn
ErrorLog /var/log/apache2/example-domain2.com-ssl-error.log
CustomLog /var/log/apache2/example-domain2.com-ssl-access.log combined
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:6081/
ProxyPassReverse / http://127.0.0.1:6081/
RequestHeader set X-Forwarded-Port "443"
RequestHeader set X-Forwarded-Proto "https"
SSLEngine On
SSLCertificateFile /ssl/example-domain2.com.crt
SSLCertificateKeyFile /ssl/example-domain2-key.txt
SSLCertificateChainFile /ssl/example-domain2.ca-bundle
</VirtualHost>
服务器名www.example-domain.com
ServerAlias示例-domain.com
DocumentRoot/home/example/public\u html
DirectoryIndex.php
服务器管理员webmaster@example-domain.com
UseCononicalName关闭
ScriptAlias/cgi-bin//home/example/public\u html/cgi-bin/
命令允许,拒绝
通融
ServerName示例-domain2.com
DocumentRoot/home/example2/public\u html
DirectoryIndex.php
服务器管理员webmaster@example-域名2.com
UseCononicalName关闭
ScriptAlias/cgi-bin//home/example2/public\u html/cgi-bin/
命令允许,拒绝
通融
服务器管理员webmaster@example-domain.com
服务器名www.example-domain.com
日志级别警告
ErrorLog/var/log/apache2/example-domain.com-ssl-error.log
CustomLog/var/log/apache2/example-domain.com-ssl-access.log组合
代理主机
ProxyPass/http://127.0.0.1:6081/
ProxyPassReverse/http://127.0.0.1:6081/
RequestHeader设置X转发端口“443”
RequestHeader集合X-Forwarded-Proto“https”
斯伦金安
SSLCertificateFile/ssl/example-domain.crt
SSLCertificateKeyFile/ssl/example-domain-key.txt
SSLCertificateChainFile/ssl/example-domain.ca-bundle
服务器管理员webmaster@example-域名2.com
ServerName示例-domain2.com
日志级别警告
ErrorLog/var/log/apache2/example-domain2.com-ssl-error.log
CustomLog/var/log/apache2/example-domain2.com-ssl-access.log组合
代理主机
ProxyPass/http://127.0.0.1:6081/
ProxyPassReverse/http://127.0.0.1:6081/
RequestHeader设置X转发端口“443”
RequestHeader集合X-Forwarded-Proto“https”
斯伦金安
SSLCertificateFile/ssl/example-domain2.com.crt
SSLCertificateKeyFile/ssl/example-domain2-key.txt
SSLCertificateChainFile/ssl/example-domain2.ca-bundle
如果您想知道端口6081上有什么,那么Varnish被配置为位于该端口上
有人能告诉我为什么会这样吗?谢谢 结果是,域首先指向了错误的服务器!这就是为什么会出现错误。将域的A记录指向正确的服务器后,配置都是正确的。我在Ubuntu 20.04上的Apache2web服务器上工作时遇到了同样的问题,当时我正在为网站设置SSL 每次运行curl请求时:
curl https://corebanking.test.vggdev.com
或
我得到一个错误:
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
我检查了我的网站配置文件(mywebsite.conf
),它看起来很好
以下是我如何修复它的方法:
我想我没有启用/etc/apache2/sites
目录中的网站配置文件(mywebsite.conf
)。因此,配置未启用
我所要做的就是将my website.conf
符号链接到/etc/apache2/sites enabled
目录:
sudo ln -s /etc/apache2/sites-available/my-website.conf /etc/apache2/sites-enabled/my-website
接下来,我列出了/etc/apache2/sites enabled
目录的内容,以确保网站的配置文件(my website.conf
)在那里:
ls /etc/apache2/sites-enabled/
最后,我重新启动了apache2 web服务器:
sudo systemctl restart apache2
就这些
我希望这有帮助这通常表示服务器没有响应任何预期的TLS数据。你查过apache日志了吗?可能是您指向了一些不存在的文件,因此apache无法设置TLS连接?可能是用示例名称替换实际主机名,但是
example-domain2.com
的SSLCertificateFile
属性包含一个额外的.com
-ie./ssl/example-domain2.com.crt
,而www.example.domain.com
配置不包含.com
-ie./ssl/example-domain.crt
,我已经检查了文件的路径证书文件及其对应的名称,一切都井然有序。困扰我的是,除了文件名和路径之外,他们的VirtualHost块完全相同,但另一个块不起作用。
sudo systemctl restart apache2