让我们加密和过多的重定向
我正在使用Pufferpanel来管理我的游戏服务器,并且遇到了SSL证书步骤的问题。我正在使用让我们加密生成证书,随之而来的是系统文件验证,以确保其真实。我无法获得。我在网上找到了一些资源,并提出了下面的配置。不幸的是,它行不通。它显示了一个镀铬错误,说我执行了太多重定向,我该如何解决此问题。非常感谢您提供的任何帮助。
##################################################################################################
# PANEL VIRTUAL HOST #
##################################################################################################
<VirtualHost *:80 *:8080 *:443>
ServerName panel.example.com
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule .* ws://localhost:8080%{REQUEST_URI} [P]
</VirtualHost>
I'm using PufferPanel to manage my game servers and I have run into a problem with the SSL certificate step. I'm using Lets Encrypt to generate a certificate and with that comes system files verification to make sure it is authentic. I can't get the .well-known to work as Pufferhost must have something within its JS which redirects anything to a 404 page. I found some resources online and came up with the configuration below. Unfortunately, it does not work. It shows a chrome error saying that I am performing too many redirects, how can I fix this. I really appreciate any help you can provide.
##################################################################################################
# PANEL VIRTUAL HOST #
##################################################################################################
<VirtualHost *:80 *:8080 *:443>
ServerName panel.example.com
ProxyPreserveHost On
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,QSA]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteCond %{HTTP:Connection} upgrade [NC]
RewriteRule .* ws://localhost:8080%{REQUEST_URI} [P]
</VirtualHost>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
VHOST收听端口8080,然后重定向到端口8080,这应该是循环。
我建议为每个端口使用单独的VHOST。
一个用于端口80 HTTP,一个用于端口443 HTTP。端口8080不需要VHOST,因为您重定向到它。
然后,您可以将VHOST与端口80一起使用DocumentRoot,让Lets-Encrypt可以存储.Well/acme-challenge/。
当您拥有Lets加密证书时,您可以将重定向从端口80添加到端口443,以强制HTTPS。然后,您需要将SSL-Certificate添加到端口443 VHOST配置。
根据您的操作系统,SSLCertificateFile/sslCertificateKeyFile-Path在另一个位置。
The vhost listen to Port 8080 and then redirect to Port 8080, that should be the loop.
I would suggest to use individual vhosts for each Port.
One for Port 80 HTTP and one for Port 443 HTTPS. Port 8080 needs no vhost because you redirect to it.
Then you can use the Vhost with Port 80 with a DocumentRoot where Lets-encrypt can store the .well-known/acme-challenge/.
When you have the Lets Encrypt Certificate you can add an redirect from Port 80 to Port 443 to force HTTPS. Then you need to add the SSL-Certificate to the Port 443 vhost config.
Depending on your OS the SSLCertificateFile/SSLCertificateKeyFile-Path is at an other location.