Moqui 连接在 Nginx 后面的 HTTPS 上被拒绝
Posted
技术标签:
【中文标题】Moqui 连接在 Nginx 后面的 HTTPS 上被拒绝【英文标题】:Moqui connection refused on HTTPS behind Nginx 【发布时间】:2019-10-06 06:07:13 【问题描述】:这个post指的是。
好的,过去几天我一直在尝试获取 ebextensions 配置,以便通过创建 LetsEncrypt 证书在 nginx 上为单个 EC2 实例配置 HTTPS 加密。这一切似乎都根据日志工作(一旦完全工作,将在其他帖子上发布配置)。但是当我尝试通过 HTTPS 访问 Moqui 时,我遇到了一些奇怪的行为。 HTTP 工作正常,但一旦我切换到 HTTPS,更正被拒绝。我从 EB 日志中得到以下信息:
/var/log/web-1.log
-------------------------------------
at com.atomikos.recovery.xa.XaResourceRecoveryManager.recover(XaResourceRecoveryManager.java:67) [transactions-jta-4.0.4.jar:?]
at com.atomikos.datasource.xa.XATransactionalResource.recover(XATransactionalResource.java:451) [transactions-jta-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.performRecovery(TransactionServiceImp.java:490) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.access$000(TransactionServiceImp.java:56) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp$1.alarm(TransactionServiceImp.java:471) [transactions-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.notifyListeners(PooledAlarmTimer.java:95) [atomikos-util-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.run(PooledAlarmTimer.java:82) [atomikos-util-4.0.4.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_201]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_201]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
Caused by: org.postgresql.util.PSQLException: This connection has been closed.
at org.postgresql.jdbc2.AbstractJdbc2Connection.checkClosed(AbstractJdbc2Connection.java:843) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc3.AbstractJdbc3Connection.createStatement(AbstractJdbc3Connection.java:231) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc2.AbstractJdbc2Connection.createStatement(AbstractJdbc2Connection.java:310) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:341) ~[postgresql-9.3-1102.jdbc41.jar:?]
... 12 more
[33m18:36:04.327 WARN Atomikos:1 atomikos.r.x.XaResourceRecoveryManager[m Error while retrieving xids from resource - will retry later...
org.postgresql.xa.PGXAException: Error during recover
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:368) ~[postgresql-9.3-1102.jdbc41.jar:?]
at com.atomikos.datasource.xa.RecoveryScan.recoverXids(RecoveryScan.java:32) ~[transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.retrievePreparedXidsFromXaResource(XaResourceRecoveryManager.java:158) [transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.recover(XaResourceRecoveryManager.java:67) [transactions-jta-4.0.4.jar:?]
at com.atomikos.datasource.xa.XATransactionalResource.recover(XATransactionalResource.java:451) [transactions-jta-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.performRecovery(TransactionServiceImp.java:490) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.access$000(TransactionServiceImp.java:56) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp$1.alarm(TransactionServiceImp.java:471) [transactions-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.notifyListeners(PooledAlarmTimer.java:95) [atomikos-util-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.run(PooledAlarmTimer.java:82) [atomikos-util-4.0.4.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_201]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_201]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
Caused by: org.postgresql.util.PSQLException: This connection has been closed.
at org.postgresql.jdbc2.AbstractJdbc2Connection.checkClosed(AbstractJdbc2Connection.java:843) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc3.AbstractJdbc3Connection.createStatement(AbstractJdbc3Connection.java:231) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc2.AbstractJdbc2Connection.createStatement(AbstractJdbc2Connection.java:310) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:341) ~[postgresql-9.3-1102.jdbc41.jar:?]
... 12 more
[33m18:36:14.327 WARN Atomikos:1 atomikos.r.x.XaResourceRecoveryManager[m Error while retrieving xids from resource - will retry later...
org.postgresql.xa.PGXAException: Error during recover
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:368) ~[postgresql-9.3-1102.jdbc41.jar:?]
at com.atomikos.datasource.xa.RecoveryScan.recoverXids(RecoveryScan.java:32) ~[transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.retrievePreparedXidsFromXaResource(XaResourceRecoveryManager.java:158) [transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.recover(XaResourceRecoveryManager.java:67) [transactions-jta-4.0.4.jar:?]
at com.atomikos.datasource.xa.XATransactionalResource.recover(XATransactionalResource.java:451) [transactions-jta-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.performRecovery(TransactionServiceImp.java:490) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.access$000(TransactionServiceImp.java:56) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp$1.alarm(TransactionServiceImp.java:471) [transactions-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.notifyListeners(PooledAlarmTimer.java:95) [atomikos-util-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.run(PooledAlarmTimer.java:82) [atomikos-util-4.0.4.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_201]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_201]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
Caused by: org.postgresql.util.PSQLException: This connection has been closed.
at org.postgresql.jdbc2.AbstractJdbc2Connection.checkClosed(AbstractJdbc2Connection.java:843) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc3.AbstractJdbc3Connection.createStatement(AbstractJdbc3Connection.java:231) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc2.AbstractJdbc2Connection.createStatement(AbstractJdbc2Connection.java:310) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:341) ~[postgresql-9.3-1102.jdbc41.jar:?]
... 12 more
[33m18:36:24.328 WARN Atomikos:1 atomikos.r.x.XaResourceRecoveryManager[m Error while retrieving xids from resource - will retry later...
org.postgresql.xa.PGXAException: Error during recover
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:368) ~[postgresql-9.3-1102.jdbc41.jar:?]
at com.atomikos.datasource.xa.RecoveryScan.recoverXids(RecoveryScan.java:32) ~[transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.retrievePreparedXidsFromXaResource(XaResourceRecoveryManager.java:158) [transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.recover(XaResourceRecoveryManager.java:67) [transactions-jta-4.0.4.jar:?]
at com.atomikos.datasource.xa.XATransactionalResource.recover(XATransactionalResource.java:451) [transactions-jta-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.performRecovery(TransactionServiceImp.java:490) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.access$000(TransactionServiceImp.java:56) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp$1.alarm(TransactionServiceImp.java:471) [transactions-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.notifyListeners(PooledAlarmTimer.java:95) [atomikos-util-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.run(PooledAlarmTimer.java:82) [atomikos-util-4.0.4.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_201]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_201]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
Caused by: org.postgresql.util.PSQLException: This connection has been closed.
at org.postgresql.jdbc2.AbstractJdbc2Connection.checkClosed(AbstractJdbc2Connection.java:843) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc3.AbstractJdbc3Connection.createStatement(AbstractJdbc3Connection.java:231) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc2.AbstractJdbc2Connection.createStatement(AbstractJdbc2Connection.java:310) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:341) ~[postgresql-9.3-1102.jdbc41.jar:?]
... 12 more
[33m18:36:34.328 WARN Atomikos:1 atomikos.r.x.XaResourceRecoveryManager[m Error while retrieving xids from resource - will retry later...
org.postgresql.xa.PGXAException: Error during recover
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:368) ~[postgresql-9.3-1102.jdbc41.jar:?]
at com.atomikos.datasource.xa.RecoveryScan.recoverXids(RecoveryScan.java:32) ~[transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.retrievePreparedXidsFromXaResource(XaResourceRecoveryManager.java:158) [transactions-jta-4.0.4.jar:?]
at com.atomikos.recovery.xa.XaResourceRecoveryManager.recover(XaResourceRecoveryManager.java:67) [transactions-jta-4.0.4.jar:?]
at com.atomikos.datasource.xa.XATransactionalResource.recover(XATransactionalResource.java:451) [transactions-jta-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.performRecovery(TransactionServiceImp.java:490) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp.access$000(TransactionServiceImp.java:56) [transactions-4.0.4.jar:?]
at com.atomikos.icatch.imp.TransactionServiceImp$1.alarm(TransactionServiceImp.java:471) [transactions-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.notifyListeners(PooledAlarmTimer.java:95) [atomikos-util-4.0.4.jar:?]
at com.atomikos.timing.PooledAlarmTimer.run(PooledAlarmTimer.java:82) [atomikos-util-4.0.4.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_201]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_201]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_201]
Caused by: org.postgresql.util.PSQLException: This connection has been closed.
at org.postgresql.jdbc2.AbstractJdbc2Connection.checkClosed(AbstractJdbc2Connection.java:843) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc3.AbstractJdbc3Connection.createStatement(AbstractJdbc3Connection.java:231) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.jdbc2.AbstractJdbc2Connection.createStatement(AbstractJdbc2Connection.java:310) ~[postgresql-9.3-1102.jdbc41.jar:?]
at org.postgresql.xa.PGXAConnection.recover(PGXAConnection.java:341) ~[postgresql-9.3-1102.jdbc41.jar:?]
... 12 more
/var/log/nginx/error.log 为空,这显然是 Moqui 异常,因此 Nginx 可能正确接收流量。似乎 Postgres 是根本原因,但正如我所说,我可以通过 HTTP 访问一切正常,因此当请求通过 HTTPS 时,看起来 Postgres 连接在 Moqui 中关闭,这似乎......不太可能。
感谢任何帮助,以便我弄清楚如何在单个 EC2 实例上部署 Moqui。将在其他帖子中分享解决方案。
【问题讨论】:
【参考方案1】:一种方法是在Tomcat /etc/tomcat7/server.xml中创建一个阀门:
<Valve className="org.apache.catalina.valves.RemoteIpValve"
internalProxies=".*"
remoteIpHeader="x-forwarded-for"
remoteIpProxiesHeader="x-forwarded-by"
protocolHeader="x-forwarded-proto" />
并在您的 nginx 设置中使用类似以下内容。
location /
proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://xx.xxx.xx.xxx:8080;
proxy_http_version 1.1;
【讨论】:
谢谢,罗南。 Beanstalk 没有加载我的自定义配置,因此端口 443 从未正确配置。【参考方案2】:忽略这个白痴。问题是 Nginx 不接受我为 Elastic Beanstalk 上的独立 Java SE 实例自定义的 Nginx 配置,因此端口 443 一开始就没有正确设置。仍然无法弄清楚我为什么要取回该日志信息,因为如果端口 443 关闭,请求将永远不会到达 Moqui。
无论如何,我几乎已经设法使配置完全正常工作。完成后会在此处更新。
【讨论】:
以上是关于Moqui 连接在 Nginx 后面的 HTTPS 上被拒绝的主要内容,如果未能解决你的问题,请参考以下文章
Moqui 在 Elastic Beanstalk Tomcat 实例上部署到 AWS
在 Nginx 后面通过 HTTPS 访问 Django Admin
EC2 在 CloudFront 后面使用 HTTPS 运行 NGINX?