Re: node.js application listening on port 8000 enabled with SSL certificate returns ERR_SSL_PROTOCOL_ERROR on browser.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This thread is getting very tiresome. So, let's summarize:

- You want to request /, serve index.html
- For all other requests, proxy internally

As such, keep the ProxyPass /index.html ! for clarity and change your existing ProxyPass directive to:

ProxyPassMatch ^/(.+) http://localhost:3000/

In short, this means that requesting / will not match, and requesting /foo will proxy.

On Sat, Jul 1, 2023 at 9:22 PM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:




On Sun, Jul 2, 2023 at 6:20 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:


On Sun, Jul 2, 2023 at 6:14 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:


On Sat, Jul 1, 2023 at 7:50 AM Kaushal Shriyan <kaushalshriyan@xxxxxxxxx> wrote:
Hi Frank,

Thanks for the email response and much appreciated. I added the ProxyPass /index.html !  directive in /etc/httpd/conf.d/phpnodejs.conf 

#cat /etc/httpd/conf.d/phpnodejs.conf
<VirtualHost *:80>
    ServerName phpnodejs.mydomain.com
    Redirect / https://phpnodejs.mydomain.com/
 </VirtualHost>
<VirtualHost *:443>
        DocumentRoot /var/www/html/htmlcode
        ServerName phpnodejs.mydomain.com
        Header add Access-Control-Allow-Origin "*"
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/phpnodejs.mydomain.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/phpnodejs.mydomain.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/phpnodejs.mydomain.com/chain.pem
        Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
        ProxyPass /index.html !
        ProxyPass / http://localhost:3000/
</VirtualHost>

# apachectl configtest
Syntax OK
#apachectl -S
VirtualHost configuration:
*:80                   phpnodejs.mydomain.com (/etc/httpd/conf.d/phpnodejs.conf:1)
*:443                  phpnodejs.mydomain.com (/etc/httpd/conf.d/phpnodejs.conf:5)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex lua-ivm-shm: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48
#

when I hit https://phpnodejs.mydomain.com/ it still points to the nodejs server.js file located in /var/www/html/nodejssl. For testing purposes, I stopped the node js code to execute. I get the below message on the browser which is expected behaviour. 

image.png

I am still unable to render the index.html file from the document root in /var/www/html/htmlcode which I created a new folder for testing purposes.  

Please suggest and guide me. Thanks in advance.

Best Regards,

Kaushal

Hi,

I have referred to https://httpd.apache.org/docs/2.4/mod/mod_dir.html by adding DirectoryIndex index.html directive in 443 virtualhost. The issue still persists.

#cat /etc/httpd/conf.d/phpnodejs.conf
<VirtualHost *:80>
    ServerName phpnodejs.mydomain.com
    Redirect / https://phpnodejs.mydomain.com/
 </VirtualHost>
<VirtualHost *:443>
        DocumentRoot /var/www/html/htmlcode
        DirectoryIndex index.html
        ServerName phpnodejs.mydomain.com
        Header add Access-Control-Allow-Origin "*"
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/phpnodejs.mydomain.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/phpnodejs.mydomain.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/phpnodejs.mydomain.com/chain.pem
        Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
        ProxyPass /index.html !
        ProxyPass / http://localhost:3000/
</VirtualHost>

Please suggest further and guide me. Thanks in advance.

Best Regards,

Kaushal


Further to the earlier email, I am sharing the log files. 

#cd /var/log/httpd/
#pwd
/var/log/httpd
# cat access_log
172.16.16.45 - - [02/Jul/2023:06:17:19 +0530] "GET / HTTP/1.1" 200 11 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/114.0"
172.16.16.45 - - [02/Jul/2023:06:17:58 +0530] "GET /nodejssl/server.js HTTP/1.1" 200 11 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/114.0"
172.16.16.45 - - [02/Jul/2023:06:18:03 +0530] "GET / HTTP/1.1" 200 11 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/114.0"
# cat error_log
[Sun Jul 02 06:17:14.849472 2023] [suexec:notice] [pid 31795:tid 31795] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Jul 02 06:17:14.880212 2023] [ssl:warn] [pid 31795:tid 31795] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Sun Jul 02 06:17:14.881405 2023] [http2:warn] [pid 31795:tid 31795] AH10034: The mpm module (prefork.c) is not supported by mod_http2. The mpm determines how things are processed in your server. HTTP/2 has more demands in this regard and the currently selected mpm will just not do. This is an advisory warning. Your server will continue to work, but the HTTP/2 protocol will be inactive.
[Sun Jul 02 06:17:14.882256 2023] [lbmethod_heartbeat:notice] [pid 31795:tid 31795] AH02282: No slotmem from mod_heartmonitor
[Sun Jul 02 06:17:14.887938 2023] [mpm_prefork:notice] [pid 31795:tid 31795] AH00163: Apache/2.4.57 (IUS) OpenSSL/1.0.2k-fips configured -- resuming normal operations
[Sun Jul 02 06:17:14.887993 2023] [core:notice] [pid 31795:tid 31795] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'

Best Regards,

Kaushal

Hi,

I have enabled debug logging by adding LogLevel debug in 443 virtualhost. 

#cat /etc/httpd/conf.d/phpnodejs.conf
<VirtualHost *:80>
    ServerName phpnodejs.mydomain.com
    Redirect / https://phpnodejs.mydomain.com/
 </VirtualHost>
<VirtualHost *:443>
        DocumentRoot /var/www/html/htmlcode
        DirectoryIndex index.html
        ServerName phpnodejs.mydomain.com
        Header add Access-Control-Allow-Origin "*"
        LogLevel debug
        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/phpnodejs.mydomain.com/cert.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/phpnodejs.mydomain.com/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/phpnodejs.mydomain.com/chain.pem
        Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
        ProxyPass /index.html !
        ProxyPass / http://localhost:3000/
</VirtualHost>

debug apache error log file -> http://sprunge.us/kndkvL 

Please suggest further and guide me. Thanks in advance. 
 
Best Regards,

Kaushal

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux