[英]Apache2 open SSL certificates are shown on AWS Load balancer
I'm trying to configure SSL certificates on AWS ec2 Instance, I followed the following steps: 我正在尝试在AWS ec2实例上配置SSL证书,请按照以下步骤操作:
$sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache-selfsigned.key -out /etc/apache2/ssl/apache-selfsigned.crt
I obtained self signed certificates with all the necessary details which was asked. 我获得了带有所有必要详细信息的自签名证书。
And configured my virtual host something like this: 并配置我的虚拟主机,如下所示:
<VirtualHost *:443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin support@noeticitservices.com
ServerName ssltest.domains.com
ServerAlias ssltest.domains.com
DocumentRoot /var/www/html/****/public
ErrorLog /var/www/html/****/error.log
CustomLog /var/www/html/****/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache-selfsigned.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache-selfsigned.key
<Directory /var/www/html/****/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin support@noeticitservices.com
ServerName ssltest.domains.com
ServerAlias ssltest.domains.com
DocumentRoot /var/www/html/****/public
ErrorLog /var/www/html/****/error.log
CustomLog /var/www/html/****/access.log combined
<Directory /var/www/html/****/public>
Options Indexes FollowSymLinks MultiViews
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
When I access my domain it is not taking Amazon Issued Certificates. 当我访问我的域时,它没有使用Amazon颁发的证书。 How can I point the certificates, I've gone through almost all the resources available on Internet.
我如何指出证书,我已经遍历了Internet上几乎所有可用的资源。 My
default-ssl.conf
is also enabled mod_ssl
is also enabled. 我的
default-ssl.conf
也已启用mod_ssl
也已启用。 Help me out with this. 帮我解决这个问题。
Configured A record in Route 53 to alias of load balancer
在Route 53中将A记录配置为负载均衡器的别名
OK, here's where I think you messed up. 好的,这是我认为您搞砸了的地方。
dig ns biltrax.com
gives me the following nameservers for your domain: dig ns biltrax.com
为您的域提供了以下域名服务器:
I believe these are GoDaddy's. 我相信这些是GoDaddy的。 Whatever they are, they're not Route53's nameservers.
无论它们是什么,它们都不是 Route53的名称服务器。 As such, the records you have in Route53 have no effect - they're ignored, as your domain's DNS is handled by a different service entirely.
因此,您在Route53中拥有的记录无效-它们会被忽略,因为您域的DNS完全由其他服务处理。
If you want Route53 to be responsible for the domain, you'll have to point the domain at the Route53 nameservers at your registrar. 如果您要由Route53负责该域,则必须将该域指向您的注册商处的Route53名称服务器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.