Re: node.js application listening on port 8000 enabled with SSL certificate returns ERR_SSL_PROTOCOL_ERROR on browser.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Frank,

I have modified the nodejsbackendssl.conf file located in /etc/httpd/conf.d/ to the below configuration.

#cat  /etc/httpd/conf.d/nodejsbackendssl.conf
<VirtualHost *:80>
        ServerName nodejs.mydomain.com
        ProxyPass / http://localhost:8000/
        LogLevel debug
        ErrorLog /var/log/httpd/nodejssslerror.log
        CustomLog /var/log/httpd/nodejssslaccess.log combined
</VirtualHost>

Below are the logs in /var/log/httpd/nodejssslerror.log 

[Sun Jun 25 16:04:40.289171 2023] [proxy:debug] [pid 6223:tid 6223] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:40.289261 2023] [proxy:debug] [pid 6223:tid 6223] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:40.289281 2023] [proxy:debug] [pid 6223:tid 6223] proxy_util.c(2247): AH00930: initialized pool in child 6223 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:04:41.296927 2023] [proxy:debug] [pid 6228:tid 6228] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:41.297078 2023] [proxy:debug] [pid 6228:tid 6228] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:41.297120 2023] [proxy:debug] [pid 6228:tid 6228] proxy_util.c(2247): AH00930: initialized pool in child 6228 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:04:41.300665 2023] [proxy:debug] [pid 6227:tid 6227] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:41.300826 2023] [proxy:debug] [pid 6227:tid 6227] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:41.300874 2023] [proxy:debug] [pid 6227:tid 6227] proxy_util.c(2247): AH00930: initialized pool in child 6227 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:04:42.308374 2023] [proxy:debug] [pid 6233:tid 6233] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:42.308496 2023] [proxy:debug] [pid 6233:tid 6233] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:42.308533 2023] [proxy:debug] [pid 6233:tid 6233] proxy_util.c(2247): AH00930: initialized pool in child 6233 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:04:42.315943 2023] [proxy:debug] [pid 6237:tid 6237] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:42.316046 2023] [proxy:debug] [pid 6237:tid 6237] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:42.316107 2023] [proxy:debug] [pid 6237:tid 6237] proxy_util.c(2247): AH00930: initialized pool in child 6237 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:04:42.319277 2023] [proxy:debug] [pid 6234:tid 6234] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:42.319388 2023] [proxy:debug] [pid 6234:tid 6234] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:42.319473 2023] [proxy:debug] [pid 6234:tid 6234] proxy_util.c(2247): AH00930: initialized pool in child 6234 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:04:42.321555 2023] [proxy:debug] [pid 6240:tid 6240] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:04:42.321774 2023] [proxy:debug] [pid 6240:tid 6240] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:04:42.321858 2023] [proxy:debug] [pid 6240:tid 6240] proxy_util.c(2247): AH00930: initialized pool in child 6240 for (localhost:8000) min=0 max=4 smax=4
[Sun Jun 25 16:05:23.369794 2023] [proxy:debug] [pid 6247:tid 6247] proxy_util.c(2155): AH00925: initializing worker http://localhost:8000/ shared
[Sun Jun 25 16:05:23.369988 2023] [proxy:debug] [pid 6247:tid 6247] proxy_util.c(2215): AH00927: initializing worker http://localhost:8000/ local
[Sun Jun 25 16:05:23.370029 2023] [proxy:debug] [pid 6247:tid 6247] proxy_util.c(2247): AH00930: initialized pool in child 6247 for (localhost:8000) min=0 max=4 smax=4

Please suggest and guide me. Thanks in advance.

Best Regards,

Kaushal




On Sun, Jun 25, 2023 at 12:35 PM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
Why did you define a vhost without a ServerName directive?

Also, those access log entries are quite useless, other than the requested path. Increase the log level, and find the error log entries instead.

On Sun, Jun 25, 2023 at 2:54 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:


On Sun, Jun 25, 2023 at 10:40 AM Frank Gingras <thumbs@xxxxxxxxxx> wrote:
If you proxy all requests to another host, you do not need a DocumentRoot, no. Also, do avoid using a <Location> block to proxy requests, and instead just use ProxyPass / http://localhost:8000/


Hi Frank,

Thanks for the email response. I am still encountering 404 as per the below http access log.

172.16.16.45 - drupaladmin [25/Jun/2023:12:17:40 +0530] "GET /demo/element/index.html HTTP/1.1" 404 25644 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
172.16.16.45 - drupaladmin [25/Jun/2023:12:18:15 +0530] "GET /demo/element/index.html HTTP/1.1" 404 25644 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"

cat  /etc/httpd/conf.d/nodejsbackendssl.conf
<VirtualHost *:80>
        ProxyPass / http://localhost:8000/
</VirtualHost>
#

Please suggest and guide me. Thanks in advance.

Best Regards,

Kaushal



 
On Sun, Jun 25, 2023 at 12:44 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:


On Sun, Jun 25, 2023 at 7:44 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:

On Thu, Jun 22, 2023 at 5:42 AM Richard <lists-apache@xxxxxxxxxxxxxxxxxxxxx> wrote:


> Date: Wednesday, June 21, 2023 20:14:40 +0000
> From: Richard
>
>
>> Date: Thursday, June 22, 2023 00:13:34 +0530
>> From: Kaushal Shriyan <kaushalshriyan@xxxxxxxxx>
>>
>> When i hit https://nodejs.mydomain.com/demo/index.html I see the
>> below in both httpd error and access logs
>>
>># pwd
>> /var/log/httpd
>># cat error_log
>> [Thu Jun 22 00:06:34.161122 2023] [suexec:notice] [pid 16995:tid
>> 16995] AH01232: suEXEC mechanism enabled (wrapper:
>> /usr/sbin/suexec) [Thu Jun 22 00:06:34.196360 2023] [http2:warn]
>> [pid 16995:tid 16995] AH10034: The mpm module (prefork.c) is not
>> supported by mod_http2. The mpm determines how things are
>> processed in your server. HTTP/2 has more demands in this regard
>> and the currently selected mpm will just not do. This is an
>> advisory warning. Your server will continue to work, but the
>> HTTP/2 protocol will be inactive.
>> [Thu Jun 22 00:06:34.197101 2023] [lbmethod_heartbeat:notice] [pid
>> 16995:tid 16995] AH02282: No slotmem from mod_heartmonitor
>> [Thu Jun 22 00:06:34.243545 2023] [mpm_prefork:notice] [pid
>> 16995:tid 16995] AH00163: Apache/2.4.57 (IUS) OpenSSL/1.0.2k-fips
>> PHP/8.1.20 configured -- resuming normal operations
>> [Thu Jun 22 00:06:34.243596 2023] [core:notice] [pid 16995:tid
>> 16995] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
>>
>>
>># cat access_log
>> 172.16.16.45 - drupaladmin [22/Jun/2023:00:06:45 +0530] "GET
>> /demo/index.html HTTP/1.1" 404 25644 "-" "Mozilla/5.0 (Macintosh;
>> Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)
>> Chrome/114.0.0.0 Safari/537.36"
>> 172.16.16.45 - drupaladmin [22/Jun/2023:00:06:45 +0530] "GET
>> /demo/index.html HTTP/1.1" 404 25644 "-" "Mozilla/5.0 (Macintosh;
>> Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)
>> Chrome/114.0.0.0 Safari/537.36"
>
> Leaving aside other potential issues, the timestamps on your
> error_log entries are from:
>
>     Jun 22 00:06:34
>
> while the ones with the 404 in your access_log are from:
>
>     22/Jun/2023:00:06:45
>
> ~10 minutes later. I.e., they do not appear to be for the same
> event.
>
> The error_log entries look like server startup error messages,
> rather than ones related to a browser request. Also, given the
> timestamp formats, I'm suspecting that they aren't even from the
> same apache server/machine instance.
>
> Look at the entries in the error_log that are specific to the
> access_log 404 errors. That will give you more detail from that side
> of things.
>

correction ...

 > ~10 minutes later. I.e., they do not appear to be for the
 > same event.

should be:

 > ~10 seconds later ...

regardless, the error_log entries aren't for the access_log 404
requests/events.






---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


Hi,

OS :- CentOS Linux release 7.9.2009 (Core)
# node --version
v16.20.0
# httpd -v
Server version: Apache/2.4.57 (IUS)
Server built:   Apr  7 2023 14:49:47
#
#cd /etc/httpd/conf.d/
#cat httpdfrontend.conf
<VirtualHost *:80>
    ServerName nodejs.mydomain.com
    Redirect / https://nodejs.mydomain.com/
 </VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/html/web
ServerName nodejs.mydomain.com
Header add Access-Control-Allow-Origin "*"
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/nodejs.mydomain.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/nodejs.mydomain.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/nodejs.mydomain.com/chain.pem
        Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"

<Directory "/var/www/html/web">
DirectoryIndex index.html index.php
Options FollowSymLinks
AllowOverride All
        Require valid-user
        AuthType Basic
        AuthName "Restricted Content"
        AuthUserFile /var/www/html/web/.htpasswd
</Directory>
</VirtualHost>

#cd /etc/httpd/conf.d/
# cat nodejsbackendssl.conf
<VirtualHost *:80>
<Location />
        ProxyPass http://localhost:8000/
    </Location>
</VirtualHost>

# netstat -anp | grep 8000
tcp6       0      0 :::8000                 :::*                    LISTEN      23679/node
tcp6       0      0 192.168.0.116:8000      104.152.52.207:46601    ESTABLISHED 23679/node
tcp6       0      0 192.168.0.116:8000      172.16.16.45:50467      ESTABLISHED 23679/node
#

https://nodejs.mydomain.com/demo/index.html -> returns 404 
http://nodejs.mydomain.com:8000/demo/index.html -> returns the content with Non Secure on the browser.

Please suggest and guide me. Thanks in advance.

Best Regards,

Kaushal


Hi,

Further to the earlier post, do i need to specify documentroot in /etc/httpd/conf.d/nodejsbackendssl.conf file to render index.html file based on httpd access log file /var/log/httpd/access_log ?

cat  /etc/httpd/conf.d/nodejsbackendssl.conf
<VirtualHost *:80>
DocumentRoot /var/www/html/web/demo
<Location />
        ProxyPass http://localhost:8000/
    </Location>
</VirtualHost>

#pwd
/var/log/httpd
# cat error_log
[Thu Jun 22 00:06:34.161122 2023] [suexec:notice] [pid 16995:tid 16995] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Jun 22 00:06:34.196360 2023] [http2:warn] [pid 16995:tid 16995] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.
[Thu Jun 22 00:06:34.197101 2023] [lbmethod_heartbeat:notice] [pid 16995:tid 16995] AH02282: No slotmem from mod_heartmonitor
[Thu Jun 22 00:06:34.243545 2023] [mpm_prefork:notice] [pid 16995:tid 16995] AH00163: Apache/2.4.57 (IUS) OpenSSL/1.0.2k-fips PHP/8.1.20 configured -- resuming normal operations
[Thu Jun 22 00:06:34.243596 2023] [core:notice] [pid 16995:tid 16995] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
#cat access_log
172.16.16.45 - drupaladmin [22/Jun/2023:00:06:45 +0530] "GET /demo/index.html HTTP/1.1" 404 25644 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
172.16.16.45 - drupaladmin [22/Jun/2023:00:06:45 +0530] "GET /demo/index.html HTTP/1.1" 404 25644 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"

Please suggest and guide me. Thanks in advance.

Best Regards,

Kaushal


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux