Coldfusion 11 REST 服务适用于 HTTP 但不适用于 HTTPS (404) [英] Coldfusion 11 REST Service works with HTTP but not HTTPS (404)
问题描述
我正在尝试利用 Coldfusion 11 的 REST 服务,但我只能使用 HTTP,而不是 HTTPS.当我将协议更改为 HTTPS 时,它会返回 404.
I'm trying to take advantage of Coldfusion 11's REST Services, but I can only get it working with HTTP, not HTTPS. When I change the protocol to HTTPS, it returns a 404.
我采取的步骤:
1) 我在 web 根目录中创建了一个名为api-test"的文件夹
1) I made a folder in web root called "api-test"
2) 在该文件夹中,我创建了一个名为animals.cfc"的文件,其中包含:
2) Inside that folder, I created a file called "animals.cfc" containing:
<cfcomponent rest="true" restpath="/animals">
<cffunction name="getAnimals" access="remote" httpmethod="GET" produces="application/json" returntype="struct">
<cfset value = { "cats": "dogs", "birds": "snakes" }>
<cfreturn value>
</cffunction>
</cfcomponent>
3) 在 Coldfusion Administrator 中的 Data &Services/REST Services,我添加了/web/webapps/api-test"作为根路径和api-test"作为映射.
3) In Coldfusion Administrator under Data & Services / REST Services, I added "/web/webapps/api-test" as the root path and "api-test" as the mapping.
4) 在我的 Web 浏览器中,当我登录到同一服务器上的一个 CF Web 应用程序时(使用 HTTP),我使用 jQuery 和 Firefox 的 Firebug/Web Developer 插件测试 API:
4) In my web browser, while logged into one of my CF web applications on the same server (using HTTP), I test the API with jQuery and Firefox's Firebug / Web Developer plugin:
$.get("http://cftestapp1.mydomain.com/rest/api-test/animals");
数据返回没有问题
5) 在我的 Web 浏览器中,当我将 CF Web 应用程序的协议更改为 HTTPS,然后使用 HTTPS 重试相同的命令时,我得到了 404.
5) In my web browser, when I change the protocol of the CF web application to HTTPS, and retry the same command but with HTTPS, I get a 404.
$.get("https://cftestapp1.mydomain.com/rest/api-test/animals");
我的环境由负载平衡器 (cftestapps) 后面的两个 Web 服务器(cftestapp1 和 cftestapp2)组成.Web 服务器在带有 Apache/Tomcat 的 Redhat Linux 上运行 Coldfusion 11.在我的整个测试过程中,我首先尝试了负载均衡器的所有内容,当它不起作用时,我只专注于cftestapp1"(如上面的示例).我梳理了所有的 Coldfusion 管理员设置和 Apache httpd.conf 文件,结果是空的.
My environment consists of two web servers (cftestapp1 and cftestapp2) behind a load balancer (cftestapps). The web servers are running Coldfusion 11 on Redhat Linux with Apache/Tomcat. Throughout my testing, I tried everything with the load balancer first, and when that didn't work, I focused solely on "cftestapp1" (like the example above). I combed through all of the Coldfusion Administrator settings and the Apache httpd.conf file and came up empty.
我找不到太多在线文档或任何似乎遇到同样问题的人.如果有人有任何见解,请帮助!谢谢!
I cannot find much documentation online or anyone that seems to be experiencing this same problem. If anyone has any insight, please help!! Thanks!
每次我发出 HTTPS 请求时,/etc/httpd/logs/ssl_error_log(在 httpd.conf 中指定)都会显示以下错误:
Each time I make the HTTPS request, the /etc/httpd/logs/ssl_error_log (specified in httpd.conf) shows the following errors:
[2015 年 11 月 24 日星期二 16:34:23] [错误] [client my_ip_here] 文件不存在:/web/webapps/rest
[2015 年 11 月 24 日星期二 16:34:23] [错误] [client my_ip_here] 文件不存在:/web/webapps/opt
[Tue Nov 24 16:34:23 2015] [error] [client my_ip_here] File does not exist: /web/webapps/rest
[Tue Nov 24 16:34:23 2015] [error] [client my_ip_here] File does not exist: /web/webapps/opt
/web/webapps/rest 是我请求的资源;但是没有物理文件休息";我在 Coldfusion Administrator's Rest Services 中的条目应该处理这些重定向.
/web/webapps/rest is the resource I'm requesting; however there is no physical file "rest"; my entries in Coldfusion Administrator's Rest Services should be handling these redirects.
/web/webapps/opt 似乎是 Apache 提供 404 页面的尝试,该页面不在网络根目录中,而是在 /opt 目录的深处.
/web/webapps/opt appears to be Apache's attempt at serving the 404 page, which is not in the web root but rather deep inside the /opt directory.
我也发现了这个错误,这可能不相关,因为在添加 CF Rest Services 之前,我们的 HTTPS 请求从未遇到过问题.
I've also found this error, which might not be related, since we have never had an issue with our HTTPS requests prior to adding CF Rest Services.
[2015 年 11 月 24 日星期二 16:33:12] [警告] RSA 服务器证书是 CA 证书(BasicConstraints: CA == TRUE !?)
[Tue Nov 24 16:33:12 2015] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
以下是我们的 Apache 配置文件 (httpd.conf) 的片段.还有很多行,但这些似乎是最相关的.
Below is a snippet from our Apache configuration file (httpd.conf). There are many more lines, but these seem to be the most relevant.
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/web/webapps">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Include "/etc/httpd/conf/mod_jk.conf"
NameVirtualHost 127.0.0.1:443
<VirtualHost 127.0.0.1:443>
ServerName localhost
DocumentRoot /web/webapps/
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLProtocol +SSLv3 +TLSv1
SSLCipherSuite RSA:!EXP:!NULL:+HIGH:-MEDIUM:-LOW
ErrorLog logs/cfadmin.ssl.error.log
CustomLog logs/cfadmin.ssl.access.log common
</VirtualHost>
ErrorDocument 404 /opt/cf11/cfusion/wwwroot/CFIDE/administrator/templates/404.cfm
似乎没有为 404 和 REST 服务正确路由 HTTPS 流量.但是我可以在使用 HTTPS 时访问我们的 /web/webapps Web 根目录中的所有其他文件夹,而不会出现任何问题.
It appears as though the HTTPS traffic is not being correctly routed for the 404 and REST Service. But I am able to access all other folders in our /web/webapps web root while using HTTPS without any problems.
推荐答案
我的问题已经解决了.我找到了两个单独的解决方案,它们基于 mt0 和 Adobe 帮助 (https://helpx.adobe.com/coldfusion/installing/configuring-your-system.html).
My problem has been resolved. I found two separate solutions, which were based on the response from mt0 and from Adobe's Help (https://helpx.adobe.com/coldfusion/installing/configuring-your-system.html).
解决方案 #1.
编辑/etc/httpd/conf/httpd.conf
我在我的 SSL VirtualHost 指令中添加了以下行:
I added the following line to my SSL VirtualHost directive:
<VirtualHost 127.0.0.1:443>
JKMountFile "/path/to/ColdFusion11/config/wsconfig/1/uriworkermap.properties"
但是,这只有在我将本地 IP 地址 (127.0.0.1) 更改为 NameVirtualHost 和 VirtualHost 的服务器 IP 地址时才有效.(使用 *:443 无效)
However, this would only work if I changed the local IP address (127.0.0.1) to the server's IP address for both the NameVirtualHost and VirtualHost. (using *:443 did not work)
NameVirtualHost SERVER_IP_HERE:443
<VirtualHost SERVER_IP_HERE:443>
虽然这解决了问题,但我不想在配置文件中硬编码服务器的 IP 地址.所以我继续研究并找到了这个替代解决方案:
While this solved the problem, I did not want to hard-code the server's IP address inside the config files. So I continued researching and found this alternate solution:
解决方案 #2(首选).
编辑/etc/httpd/conf.d/ssl.conf(保留httpd.conf文件的原始状态)
Edit /etc/httpd/conf.d/ssl.conf (leaving the httpd.conf file in its original state)
我在我的 SSL VirtualHost 指令中添加了以下行,并重新启动了 Apache:
I added the following line to my SSL VirtualHost directive, and restarted Apache:
<VirtualHost _default_:443>
JKMountFile "/path/to/ColdFusion11/config/wsconfig/1/uriworkermap.properties"
这解决了我的问题.
感谢大家的帮助!
这篇关于Coldfusion 11 REST 服务适用于 HTTP 但不适用于 HTTPS (404)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
