Coldfusion 11 REST服务可用于HTTP，但不能与HTTPS一起使用(404) [英] Coldfusion 11 REST Service works with HTTP but not HTTPS (404)

问题描述

我正在尝试利用Coldfusion 11的REST服务，但是我只能使它与HTTP一起使用，而不能与HTTPS一起使用.当我将协议更改为HTTPS时，它将返回404.

I'm trying to take advantage of Coldfusion 11's REST Services, but I can only get it working with HTTP, not HTTPS. When I change the protocol to HTTPS, it returns a 404.

我已采取的步骤:

1)我在Web根目录中创建了一个名为"api-test"的文件夹

1) I made a folder in web root called "api-test"

2)在该文件夹中，我创建了一个名为"animals.cfc"的文件，其中包含:

2) Inside that folder, I created a file called "animals.cfc" containing:

<cfcomponent rest="true" restpath="/animals">
        <cffunction name="getAnimals" access="remote" httpmethod="GET" produces="application/json" returntype="struct">
                <cfset value = { "cats": "dogs", "birds": "snakes" }>
                <cfreturn value>
        </cffunction>
</cfcomponent>

3)在数据&服务/REST服务，我添加了"/web/webapps/api-test"作为根路径，并添加了"api-test"作为 mapping .

3) In Coldfusion Administrator under Data & Services / REST Services, I added "/web/webapps/api-test" as the root path and "api-test" as the mapping.

4)在我的Web浏览器中，当我登录到同一服务器上的我的CF Web应用程序之一(使用HTTP)时，我使用jQuery和Firefox的Firebug/Web Developer插件测试了API:

4) In my web browser, while logged into one of my CF web applications on the same server (using HTTP), I test the API with jQuery and Firefox's Firebug / Web Developer plugin:

$.get("http://cftestapp1.mydomain.com/rest/api-test/animals");

返回的数据没有问题

5)在我的Web浏览器中，当我将CF Web应用程序的协议更改为HTTPS并重试相同的命令但使用HTTPS时，得到了404.

5) In my web browser, when I change the protocol of the CF web application to HTTPS, and retry the same command but with HTTPS, I get a 404.

$.get("https://cftestapp1.mydomain.com/rest/api-test/animals");

我的环境由位于负载均衡器(cftestapps)后面的两个Web服务器(cftestapp1和cftestapp2)组成. Web服务器在具有Apache/Tomcat的Redhat Linux上运行Coldfusion 11.在整个测试过程中，我首先尝试使用负载均衡器进行所有操作，但在该操作不起作用时，我只专注于"cftestapp1"(如上述示例).我梳理了所有Coldfusion Administrator设置和Apache httpd.conf 文件，结果空白.

My environment consists of two web servers (cftestapp1 and cftestapp2) behind a load balancer (cftestapps). The web servers are running Coldfusion 11 on Redhat Linux with Apache/Tomcat. Throughout my testing, I tried everything with the load balancer first, and when that didn't work, I focused solely on "cftestapp1" (like the example above). I combed through all of the Coldfusion Administrator settings and the Apache httpd.conf file and came up empty.

我在网上找不到太多文档，也找不到任何人遇到同样的问题.如果有人有什么见识，请帮忙！谢谢！

I cannot find much documentation online or anyone that seems to be experiencing this same problem. If anyone has any insight, please help!! Thanks!

每次我发出HTTPS请求时，/etc/httpd/logs/ssl_error_log (在httpd.conf中指定)都会显示以下错误:

Each time I make the HTTPS request, the /etc/httpd/logs/ssl_error_log (specified in httpd.conf) shows the following errors:

[2015年11月24日星期二16:34:23] [错误] [客户端my_ip_here]文件不存在:/web/webapps/rest
[2015年11月24日星期二16:34:23] [错误] [客户端my_ip_here]文件不存在:/web/webapps/opt

[Tue Nov 24 16:34:23 2015] [error] [client my_ip_here] File does not exist: /web/webapps/rest
[Tue Nov 24 16:34:23 2015] [error] [client my_ip_here] File does not exist: /web/webapps/opt

/web/webapps/rest 是我正在请求的资源；但是，没有物理文件休息"；我在Coldfusion Administrator的Rest Services中的条目应处理这些重定向.

/web/webapps/rest is the resource I'm requesting; however there is no physical file "rest"; my entries in Coldfusion Administrator's Rest Services should be handling these redirects.

/web/webapps/opt 似乎是Apache服务于404页面的尝试，该页面不在Web根目录中，而是在/opt 目录中.

/web/webapps/opt appears to be Apache's attempt at serving the 404 page, which is not in the web root but rather deep inside the /opt directory.

我还发现了该错误，该错误可能不相关，因为在添加 CF Rest Services 之前，我们的HTTPS请求从未遇到问题.

I've also found this error, which might not be related, since we have never had an issue with our HTTPS requests prior to adding CF Rest Services.

[2015年11月24日星期二16:33:12] [警告] RSA服务器证书是CA证书(BasicConstraints:CA == TRUE！?)

[Tue Nov 24 16:33:12 2015] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)

以下是我们的Apache配置文件(httpd.conf)中的代码段.还有很多行，但是这些行似乎最相关.

Below is a snippet from our Apache configuration file (httpd.conf). There are many more lines, but these seem to be the most relevant.

<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

<Directory "/web/webapps">
 Options FollowSymLinks
 AllowOverride None
 Order allow,deny
 Allow from all
</Directory>

Include "/etc/httpd/conf/mod_jk.conf"

NameVirtualHost 127.0.0.1:443
<VirtualHost 127.0.0.1:443>
        ServerName localhost
        DocumentRoot /web/webapps/
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/localhost.crt
        SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
        SSLProtocol +SSLv3 +TLSv1
        SSLCipherSuite RSA:!EXP:!NULL:+HIGH:-MEDIUM:-LOW
        ErrorLog logs/cfadmin.ssl.error.log
        CustomLog logs/cfadmin.ssl.access.log common
</VirtualHost>

ErrorDocument 404 /opt/cf11/cfusion/wwwroot/CFIDE/administrator/templates/404.cfm

似乎没有为404和REST服务正确路由HTTPS通信.但是使用HTTPS时，我可以访问/web/webapps 网络根目录中的所有其他文件夹.

It appears as though the HTTPS traffic is not being correctly routed for the 404 and REST Service. But I am able to access all other folders in our /web/webapps web root while using HTTPS without any problems.

推荐答案

我的问题已解决.我找到了两个单独的解决方案，它们基于mt0和Adobe的帮助(

My problem has been resolved. I found two separate solutions, which were based on the response from mt0 and from Adobe's Help (https://helpx.adobe.com/coldfusion/installing/configuring-your-system.html).

解决方案#1 .

编辑/etc/httpd/conf/httpd.conf

我在SSL VirtualHost 指令中添加了以下行:

I added the following line to my SSL VirtualHost directive:

<VirtualHost 127.0.0.1:443>
    JKMountFile "/path/to/ColdFusion11/config/wsconfig/1/uriworkermap.properties"

但是，仅当我将 NameVirtualHost 和 VirtualHost 的本地IP地址(127.0.0.1)更改为服务器的IP地址时，这才起作用. (使用*:443无效)

However, this would only work if I changed the local IP address (127.0.0.1) to the server's IP address for both the NameVirtualHost and VirtualHost. (using *:443 did not work)

NameVirtualHost SERVER_IP_HERE:443
<VirtualHost SERVER_IP_HERE:443>

虽然这解决了问题，但我不想在配置文件中硬编码服务器的IP地址.因此，我继续研究，找到了这个替代解决方案:

While this solved the problem, I did not want to hard-code the server's IP address inside the config files. So I continued researching and found this alternate solution:

解决方案2 (首选).

编辑/etc/httpd/conf.d/ssl.conf (使httpd.conf文件保持其原始状态)

Edit /etc/httpd/conf.d/ssl.conf (leaving the httpd.conf file in its original state)

我将以下行添加到我的SSL VirtualHost 指令中，并重新启动了Apache:

I added the following line to my SSL VirtualHost directive, and restarted Apache:

<VirtualHost _default_:443>
    JKMountFile "/path/to/ColdFusion11/config/wsconfig/1/uriworkermap.properties" 

这解决了我的问题.

谢谢大家的帮助！

这篇关于Coldfusion 11 REST服务可用于HTTP，但不能与HTTPS一起使用(404)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！