配置ssl后，节点的Bitnami代理不起作用

Question

我使用bitnami的节点镜像在AWS Lightsail上创建了一个实例。

我安装了我的应用程序并启动了它，根据我找到的指南配置了一切，就像这样：host public node js website on amazon AWS LightSail without Bitnami

由于某种原因，我没有bitnami-apps-prefix.conf，所以我创建了它，然后将它包含在/opt/bitnami/apache2/conf/bitnami/bitnami.conf中。重新启动了Apache，它起作用了。

之后，我使用提供的bncert-tool安装了ssl证书。添加证书后，我的域有了ssl，但我不能再访问我的应用程序，我得到了默认页面，与实例启动后获得的页面相同：

​

​

我检查了一下，bitnami.conf似乎仍然包含我添加的bitnami-apps-prefix.conf，我试图在虚拟主机中添加代理作为第一件事，但它没有帮助。

这是我的/opt/bitnami/apache2/conf/bitnami/bitnami.conf文件：

# Default Virtual Host configuration.

# Let Apache know we're behind a SSL reverse proxy
SetEnvIf X-Forwarded-Proto https HTTPS=on

<VirtualHost _default_:80>
  DocumentRoot "/opt/bitnami/apache/htdocs"
  # BEGIN: Configuration for letsencrypt
  Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
  # END: Configuration for letsencrypt
  # BEGIN: Support domain renewal when using mod_proxy without Location
  <IfModule mod_proxy.c>
    ProxyPass /.well-known !
  </IfModule>
  # END: Support domain renewal when using mod_proxy without Location
  # BEGIN: Enable HTTP to HTTPS redirection
  RewriteEngine On
  RewriteCond %{HTTPS} !=on
  RewriteCond %{HTTP_HOST} !^localhost
  RewriteCond %{HTTP_HOST} !^[0-9]+.[0-9]+.[0-9]+.[0-9]+(:[0-9]+)?$
  RewriteCond %{REQUEST_URI} !^/\.well-known
  RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]
  # END: Enable HTTP to HTTPS redirection
  <Directory "/opt/bitnami/apache/htdocs">
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
  </Directory>

  # Error Documents
  ErrorDocument 503 /503.html
  #Bitnami applications installed with a prefix URL (default)
  Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
  # BEGIN: Support domain renewal when using mod_proxy within Location
  <Location /.well-known>
    <IfModule mod_proxy.c>
      ProxyPass !
    </IfModule>
  </Location>
  # END: Support domain renewal when using mod_proxy within Location
</VirtualHost>

Include "/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf"

这里我漏掉了什么？为什么不将请求重定向到我的应用程序？

Answer 1

我不得不将Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"添加到/opt/bitnami/apache/conf/bitnami/bitnami-ssl.conf中。

首先，我不确定它为什么会丢失，从文档中我理解它应该是开箱即用的。

Answer 2

Bitnami工程师

看起来你没有遵循Bitnami文档。如果您查看一下，您会发现在实例中配置VirtualHost有不同的步骤。

https://docs.bitnami.com/aws/infrastructure/nodejs/administration/create-custom-application-nodejs/#step-3-serve-your-application-through-the-apache-web-server

您可以复制我们在实例中生成的文件

sudo cp /opt/bitnami/apache/conf/vhosts/sample-http-vhost.conf.disabled /opt/bitnami/apache/conf/vhosts/sample-http-vhost.conf
sudo cp /opt/bitnami/apache/conf/vhosts/sample-https-vhost.conf.disabled /opt/bitnami/apache/conf/vhosts/sample-https-vhost.conf

或者生成包含以下内容的那些文件

• /opt/bitnami/apache/conf/vhosts/myapp-http-vhost.conf

<VirtualHost _default_:80>
  ServerAlias *
  DocumentRoot "/opt/bitnami/projects/myapp/public"
  <Directory "/opt/bitnami/projects/myapp/public">
    Require all granted
  </Directory>
  ProxyPass / http://localhost:3000/
  ProxyPassReverse / http://localhost:3000/
</VirtualHost>

• /opt/bitnami/apache/conf/vhosts/myapp-https-vhost.conf

<VirtualHost _default_:443>
  ServerAlias *
  SSLEngine on
  SSLCertificateFile "/opt/bitnami/apache/conf/bitnami/certs/server.crt"
  SSLCertificateKeyFile "/opt/bitnami/apache/conf/bitnami/certs/server.key"
  DocumentRoot "/opt/bitnami/projects/myapp"
  <Directory "/opt/bitnami/projects/myapp">
    Require all granted
  </Directory>
  ProxyPass / http://localhost:3000/
  ProxyPassReverse / http://localhost:3000/
</VirtualHost>

您稍后将需要重新启动Apache

sudo /opt/bitnami/ctlscript.sh restart apache