[英]Apache SSL config breaks HTTP
I have installed an SSL certificate today, and it works perfectly, pages sought through https:// work fine. 我今天已经安装了SSL证书,并且效果很好,通过https://搜索的页面工作正常。
I have put a redirect in my website.conf to redirect port 80 to https, but it is not working. 我在我的website.conf中放置了一个重定向,以将端口80重定向到https,但是它不起作用。
Also if I go to http://www.example.org (the root), it gets stuck in a redirect loop. 另外,如果我转到http://www.example.org (根目录),则会陷入重定向循环。 going to http://www.example.org/test.htm goes to the same url minus the last /.
转到http://www.example.org/test.htm转到相同的网址减去最后一个/。 eg http://www.example.orgtest.htm/ (slash moves to end)
例如http://www.example.orgtest.htm/ (斜杠结束)
This is really busting my balls, i really hope you guys have some clues. 这真的使我不寒而栗,我真的希望你们有一些线索。
here is my .conf file 这是我的.conf文件
NameVirtualHost *:80
<VirtualHost *:80>
ServerName example.org
Redirect permanent / https://www.example.org
</VirtualHost>
<VirtualHost _default_:443>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin richard@example.org
ServerName example.org
ServerAlias www.example.org
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.org
DocumentRoot /var/www/example.org/html
# SSL settings
SSLEngine on
SSLCertificateFile /etc/ssl/certs/www_example_org.crt
SSLCertificateKeyFile /etc/ssl/digicert/example.key
SSLCACertificateFile /etc/ssl/certs/DigiCertCA.crt
# Log file locations
LogLevel warn
ErrorLog /var/www/example.org/log/error.log
CustomLog /var/www/example.org/log/access.log combined
</VirtualHost>
Your config looks fine for me. 您的配置对我来说很好。 Maybe, you should append a
/
like this: Redirect permanent / https://www.example.org/
也许,您应该添加一个
/
例如: Redirect permanent / https://www.example.org/
Instead of using Redirect permanent
, you could also use mod_rewrite
: 除了使用
Redirect permanent
,还可以使用mod_rewrite
:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
For this to work, you must have installed the mod_rewrite module. 为此,必须安装mod_rewrite模块。
If you would like for force https, another approach is so set the HSTS-Header in your Apache config. 如果您想强制使用https,则另一种方法是在Apache配置中设置HSTS-Header 。 Then, a browser knows that your website is available with https and will automatically redirect all traffic to your https-address.
然后,浏览器知道您的网站可以使用https,并将所有流量自动重定向到您的https-地址。 You can set this header with the following command:
您可以使用以下命令设置此标头:
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
In general, I would recommend reviewing your SSL-config with SSLLabs . 通常,我建议您使用SSLLabs查看您的SSL配置。 If your config is fine, you should get an A+-Rating.
如果配置正确,则应获得A +等级。 I hope this helps.
我希望这有帮助。
well i worked it out after much tears, i was missing ServerAlias www.example.org 好吧,我在流泪之后就解决了,我想念ServerAlias www.example.org
for port 80, Thanks to Ben for the HSTS header though, i will def use that. 对于端口80,尽管感谢Ben提供的HSTS标头,但我将默认使用它。 cheers
干杯
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.