问题
My website (https://www.tjbrackett.com/contact), which is on Apache, cannot access my Express app that is on the same server over HTTPS. Before I added an SSL certificate to the site, the setup ran perfectly. When I revert the SSL cert, it works again. The error I'm receiving on the front-end is ERR_CERT_AUTHORITY_INVALID.
I've tried setting up a proxy/reverse proxy. I'm not sure if I set them up correctly. I've done a self-signed SSL cert on the Express app. I've tried to serve the Express app on top of the HTTPS domain.
HTTPS Apache mysite.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.tjbrackett.com
ServerAdmin tj@brackett.dev
ServerAlias tjbrackett.com
DirectoryIndex index.html
DocumentRoot /var/www/tjbrackett.com
<Directory /var/www/tjbrackett.com>
order allow,deny
allow from all
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^(.*) /index.html [NC,L]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/www.tjbrackett.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.tjbrackett.com/privkey.pem
ProxyRequests On
ProxyPass /contact https://www.tjbrackett.com:8443/
ProxyPassReverse /contact https://www.tjbrackett.com:8443/
</VirtualHost>
Express app
const nodemailer = require('nodemailer');
const express = require('express');
const bodyParser = require('body-parser');
const fs = require('fs');
const http = require('http');
const https = require('https');
const app = express();
const options = {
key: fs.readFileSync(__dirname + '/key.pem'),
cert: fs.readFileSync(__dirname + '/cert.pem')
}
app.use((req, res, next) => {
res.header('Access-Control-Allow-Origin', "*");
res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
next();
});
app.use(bodyParser.urlencoded({ extended: true }));
app.use(express.json());
app.post('/', (req, res) => {
let name = req.body.name;
let email = req.body.email;
let subject = req.body.subject;
let message = req.body.message;
let mailOptions = "";
console.log(req.body);
console.log(req.hostname);
let transporter = nodemailer.createTransport({
service: 'gmail',
secure: true,
auth: {
user: 'myEmail@bot.com',
pass: 'jsfoffamlhqzfqnu'
},
tls: {
rejectUnauthorized: false
}
});
if (req.hostname === "www.tjbrackett.com"){
mailOptions = {
from: email,
to: 'myEmail@gmail.com',
subject: subject,
text: message + "\nName: " + name + "\nEmail: " + email,
};
} else {
mailOptions = {
from: email,
to: 'anotherEmail@gmail.com',
subject: subject,
text: message + "\nName: " + name + "\nEmail: " + email,
}
}
transporter.sendMail(mailOptions, (error, info) => {
if (error) {
console.log(error);
} else {
console.log('Email sent: ' + info.response);
}
});
res.send(req.body);
})
http.createServer(app).listen(8888, () => {
console.log("Server started on port 8888");
});
https.createServer(options, app).listen(8443, () => {
console.log("Server started on port 8443");
});
React Fetch
fetch("https://www.tjbrackett.com:8443", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
name: this.state.name,
email: this.state.email,
message: this.state.message
})
I've very new to Apache/web servers so at this point I just don't know enough to research the problem. Any suggestions are greatly appreciated. Thanks!
回答1:
Using the same SSL certificate that's associated with my URL allowed my website to access the Express API.
New Express code
const options = {
key: fs.readFileSync('/path/to/cert/info/privkey.pem'),
cert: fs.readFileSync('/path/to/cert/info/cert.pem'),
ca: fs.readFileSync('/path/to/cert/info/chain.pem')
}
I used Let's Encrypt/Certbot for the SSL.
来源:https://stackoverflow.com/questions/57119688/getting-apache-to-allow-access-to-express-api-over-https