我花了几个小时尝试将我的 Apache 服务器配置为使用 SSL,没有公共(public) IP,只有 localhost。我想我已经创建了证书(这对我来说就像黑魔法速成类),当我尝试访问 https://localhost 时,浏览器在状态行上显示“已连接到本地主机...”,但只是永久加载。以下是 error_log 的片段:
[Fri Mar 27 22:03:39 2009] [info] Loading certificate & private key of SSL-aware server
[Fri Mar 27 22:03:39 2009] [info] Configuring server for SSL protocol
[Fri Mar 27 22:03:39 2009] [info] Loading certificate & private key of SSL-aware server
[Fri Mar 27 22:03:40 2009] [info] Configuring server for SSL protocol
那里一切似乎都很好,但是,同时,在 ssl_engine_log...
[Fri Mar 27 22:03:39 2009] [info] Init: Initializing OpenSSL library
[Fri Mar 27 22:03:39 2009] [info] Init: Seeding PRNG with 136 bytes of entropy
[Fri Mar 27 22:03:39 2009] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Fri Mar 27 22:03:39 2009] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Fri Mar 27 22:03:39 2009] [info] Init: Initializing (virtual) servers for SSL
[Fri Mar 27 22:03:39 2009] [info] mod_ssl/2.0.61 compiled against Server: Apache/2.0.61, Library: OpenSSL/0.9.7i
[Fri Mar 27 22:03:39 2009] [warn] module php5_module is already loaded, skipping
[Fri Mar 27 22:03:39 2009] [info] Init: Initializing OpenSSL library
[Fri Mar 27 22:03:39 2009] [info] Init: Seeding PRNG with 136 bytes of entropy[Fri Mar 27 22:03:39 2009] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Fri Mar 27 22:03:40 2009] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Fri Mar 27 22:03:40 2009] [info] Init: Initializing (virtual) servers for SSL
[Fri Mar 27 22:03:40 2009] [info] mod_ssl/2.0.61 compiled against Server: Apache/2.0.61, Library: OpenSSL/0.9.7i
[Fri Mar 27 22:03:40 2009] [notice] Digest: generating secret for digest authentication ...
[Fri Mar 27 22:03:40 2009] [notice] Digest: done
[Fri Mar 27 22:03:40 2009] [notice] Apache/2.0.61 (Unix) mod_ssl/2.0.61 OpenSSL/0.9.7l DAV/2 PHP/5.2.5 configured -- resuming normal operations
[Fri Mar 27 22:03:40 2009] [info] Server built: Jan 17 2008 17:33:42
[Fri Mar 27 22:03:40 2009] [emerg] (13)Permission denied: apr_proc_mutex_lock failed. Attempting to shutdown process gracefully.
[Fri Mar 27 22:03:40 2009] [emerg] (13)Permission denied: apr_proc_mutex_lock failed. Attempting to shutdown process gracefully.
...还有更多类似最后两行的内容,直到我最终停止服务器...
[Fri Mar 27 22:03:43 2009] [info] removed PID file /usr/local/apache2/logs/httpd.pid (pid=8786)
[Fri Mar 27 22:03:43 2009] [notice] caught SIGTERM, shutting down
关于此权限被拒绝和apr_proc_mutex_lock失败的一些谷歌搜索没有产生任何有用的结果。只有一些与 MPM 和 perchild 选项相关的结果,但由于它们很旧(2002 年和 2003 年),我在阅读它们后实际上无法得出任何结论,我问你是否有办法克服这个问题。好吧,首先:问题到底是什么?模块之间是否存在任何不兼容的情况?我是否必须重新编译一些东西(主啊,请不要再编译一次,不)?
提前致谢。
最佳答案
庆幸的是您没有使用 apache 1.3——在其上运行 SSL 要困难得多!
mod_ssl 需要对几个文件的写入权限才能工作。看看this setting并确保 apache 对该文件所在的目录具有写权限。例如,如果说(例如):
SSLMutex 文件:/var/run/apache/ssl.mutex
您需要验证 apache 是否可以写入 /var/run/apache。
几乎所有这些类型的错误通常都是文件系统上的某种权限错误。
关于apache - 对使用 SSL 支持配置 Apache 感到茫然和困惑,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/693331/