堆栈内存溢出
  简体   繁体   English

无法在Centos7 apache2上安装Comodo SSL证书

[英]Can`t install Comodo SSL certificate on Centos7 apache2

 原文  2018-11-23 09:37:38       ssl/ ssl-certificate/ centos7

问题描述

I have bought Comodo PositiveSSL. 我已经购买了Comodo PositiveSSL。 Now I have certificate.key and zip-archive which is contains 4 files. 现在我有certificate.key和zip-archive,其中包含4个文件。 

AddTrustExternalCARoot.crt, 
COMODORSADomainValidationSecureServerCA.crt, 
COMODORSAAddTrustCA.crt, 
my_domain_ru.crt

Firstly I`ve read that I have to join this files into one mySite.ca-build. 首先,我读到我必须将这些文件加入一个mySite.ca-build。 

cat my_site_ru.crt  COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > mySite.ca-bundle

Secondly I saved there files into /usr/local/ssl/my_site/. 其次,我将那里的文件保存到/ usr / local / ssl / my_site /中。

then I go to 然后我去

/etc/httpd/conf.d/my_site_ru.conf /etc/httpd/conf.d/my_site_ru.conf

and added this 并添加了这个 

 SSLEngine On
 SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
 SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
 SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle

but after 但是之后 

systemctl restart httpd

i got an error 我有一个错误

Bad Request Your browser sent a request that this server could not understand. 错误的请求您的浏览器发送了此服务器无法理解的请求。 Reason: You're speaking plain HTTP to an SSL-enabled server port. 原因:您正在对启用SSL的服务器端口使用纯HTTP。 Instead use the HTTPS scheme to access this URL, please. 请改用HTTPS方案访问此URL。

if I try to open my site with https://my_domain.ru I see next 如果我尝试使用https://my_domain.ru打开我的网站,我会看到下一个

Connection is not secure 连接不安全

1 个解决方案

解决方案1
 1 已采纳  2018-11-23 09:48:23

You have a turned on SSL configuration on port 80, where are expected non-ssl config. 您已在端口80上打开了SSL配置,该端口应为非SSL配置。

You have to have two apache configs: one for port 80 , where you will have no SSL directives and another one for port 443 , where you will have SSL turned on. 您必须具有两个apache配置:一个用于端口80 ,您将没有SSL指令,另一个用于端口443 ,您将在其中打开SSL。

Simple example: 简单的例子: 

<VirtualHost IP_Address:80>
     ...Some configurations here...
</VirtualHost>
<VirtualHost IP_Address:443>
     SSLEngine On
     SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
     SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
     SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
     ... another configuration, such as ServerName, DocumentRoot, etc. ...
</VirtualHost>

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 apache CentOS上的COMODO SSL证书 - COMODO SSL Certificate on apache CentOS Apache2 SSL证书错误 - Apache2 SSL certificate error 在Tomcat Apache Web服务器上安装WildCard SSL证书(通过Comodo) - Installation of WildCard SSL certificate (By Comodo) on Tomcat Apache Web Server 在EC2 Ubuntu实例上安装COMODO EV SSL证书 - Install COMODO EV SSL Certificate on EC2 Ubuntu Instance Comodo通配符ssl证书和Haproxy - Comodo wildcard ssl certificate and Haproxy Jboss7上的COMODO SSL证书 - COMODO SSL certificate on Jboss7 无法信任SSL证书(COMODO) - SSL Certificate Cannot Be Trusted (COMODO) 删除SSL证书后Apache2无法正常工作 - Apache2 not working after SSL certificate remove Apache2 有时会提供旧的 SSL 证书 - Apache2 sometimes serving old SSL certificate Apache2 SSL证书/密钥不匹配 - Apache2 SSL Certificate/Key mismatch
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM