[英]Installed SSL on Apache server, page not responding
My question is about SSL installation. 我的问题是关于SSL安装的。 I purchased a new SSL for a website that's hosted on a Ubuntu 16.04 box with Apache 2.4.29.
我为在Apache 2.4.29的Ubuntu 16.04机器上托管的网站购买了新的SSL。 I was able to get this installed and I'm not getting any errors but my page is not redirecting.
我能够安装此程序,但没有出现任何错误,但我的页面未重定向。 I've followed some guides (DigitalOcean) but feel as I'm missing something.
我遵循了一些指南(DigitalOcean),但感觉好像缺少一些东西。
I have checked the sites-available files (000-default.conf, default-ssl.conf & example.com.conf) and I'm not seeing anything that's catching my eye, but I feel I migtht be missing something. 我已经检查了站点可用的文件(000-default.conf,default-ssl.conf和example.com.conf),但没有发现任何吸引我的东西,但是我感觉自己丢失了一些东西。 I've checked the status of Apache and I'm not getting any errors and I've restarted the services several times to no avail.
我检查了Apache的状态,没有收到任何错误,并且已经多次重启服务,但无济于事。
Here's a general breakdown of what I have. 这是我所拥有的大致分类。 Am I missing something?
我想念什么吗? Is additional information required for setting this up?
设置是否需要其他信息?
000-default.conf 000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
Redirect "/" "https://example.com/"
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
default-ssl.conf 默认的ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
SSLCertificateFile /root/example.com.crt
SSLCertificateKeyFile /root/www.example.com.key
SSLCACertificateFile /root/intermediate.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>4
mydomain.com.conf mydomain.com.conf
<VirtualHost *:443>
ServerAdmin admin@somedomain.com
ServerName mydomain.com
ServerAlias www.example.com
DocumentRoot /var/www/example.com/html
Redirect permanent / https://example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Here is my attempt at a combined configuration. 这是我尝试组合配置的尝试。 Note that I do not have your setup to test it, but I have used similar configurations on production servers.
请注意,我没有用于测试的设置,但是在生产服务器上使用了类似的配置。
First define your port 80 VirtualHost (000-default.conf in your setup): 首先定义您的端口80 VirtualHost(在您的设置中为000-default.conf):
Listen 80
<VirtualHost *:80>
Redirect "/" "https://example.com/"
LogLevel debug
ErrorLog "${APACHE_LOG_DIR}/80_error.log"
CustomLog "${APACHE_LOG_DIR}/80_access.log" combined
</VirtualHost>
No need for a DocumentRoot
since you redirect everything. 因为您重定向了所有内容,所以不需要
DocumentRoot
。
Then comment out default-ssl.conf
. 然后注释掉
default-ssl.conf
。 This file is an example of what you could do to setup an SSL enabled VirtualHost. 该文件是您可以设置启用SSL的VirtualHost的示例。 If you use that file AND another VirtualHost on port 443, this one will always be used, since Apache uses the first VirtualHost it finds that matches the client's request (here port 443).
如果您使用该文件和端口443上的另一个VirtualHost,则将始终使用该文件,因为Apache使用的第一个VirtualHost会找到与客户端请求匹配的虚拟主机(此处为端口443)。
Another point, VirtualHost are not "added" to one another. 还有一点,VirtualHost不会彼此“添加”。 Each is independent of the others and must contain a complete configuration.
每个独立于其他,并且必须包含完整的配置。 This means you cannot put some configuration in on VirtualHost on port 443, and some in another and expect it to work.
这意味着您不能将某些配置放在端口443上的VirtualHost上,而不能将某些配置放在端口上并且期望它能正常工作。
Then create your example.com.conf
file: 然后创建您的
example.com.conf
文件:
Listen 443
<VirtualHost *:443>
ServerName example.com
ServerAlias www.example.com
ServerAdmin admin@example.com
SSLCertificateFile "/root/example.com.crt"
SSLCertificateKeyFile "/root/example.com.key"
SSLCACertificateFile "/root/intermediate.crt"
LogLevel debug
ErrorLog "logs/443_error_log"
CustomLog "logs/443_access_log" combined
DocumentRoot "/var/www/example.com/html"
DirectoryIndex index.html
<Directory "/var/www/example.com/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
</VirtualHost>
Some notes: 一些注意事项:
LogLevel
at debug, so you can troubleshoot, but once it is working, change it to error. LogLevel
置于调试状态,因此可以进行故障排除,但是一旦运行,就将其更改为错误。 Otherwise you will have huge log files quickly! Redirect permanent / https://example.com
in your configuration. Redirect permanent / https://example.com
。 You are already in the https
, port 443 VirtualHost. https
端口443 VirtualHost中。 <FilesMatch>
directives in the default ssl configuration can be added if you want. <FilesMatch>
指令的选项。 This setup will ensure that all http
requests will be redirected to https://example.com
. 此设置将确保所有
http
请求都将重定向到https://example.com
。 Then it will use the :443 VirtualHost, use the proper certificate for that domain and serve the content from the DocumentRoot directory. 然后它将使用:443 VirtualHost,为该域使用适当的证书,并提供DocumentRoot目录中的内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.