堆栈内存溢出
  简体   繁体   English

让我们在AWS Lightsail中的bitnami.conf中加密SSL设置

[英]Lets Encrypt SSL setup in bitnami.conf in AWS Lightsail

 原文  2019-05-10 05:02:41       apache/ amazon-web-services/ ssl/ lets-encrypt/ bitnami

问题描述

I created a new Instance in AWS Lightsail and Configured a domain example.com which has 2 subdomains as well. 我在AWS Lightsail中创建了一个新实例,并配置了一个域example.com ,它也有2个子域。 test.example.com and app.example.com . test.example.comapp.example.com

I removed the default bitnami.conf and created a new one. 我删除了默认的bitnami.conf并创建了一个新的。 This removed the predefined SSL setup code. 这删除了预定义的SSL设置代码。 I installed Lets encrypt by following this tutorial . 我按照本教程安装了Lets加密。

Here is my bitnami.conf file before adding SSL. 在添加SSL之前,这是我的bitnami.conf文件。 I could access all the websites as desired. 我可以根据需要访问所有网站。 

ServerName example.com

<VirtualHost *:80>

    ServerName example.com
       <Directory /opt/bitnami/apache2/htdocs/default_website>
                                     DirectoryIndex index.html
                                     AllowOverride All
                                     Require all granted
                     </Directory>

    DocumentRoot /opt/bitnami/apache2/htdocs/default_website
</VirtualHost>



<VirtualHost *:80>

    DocumentRoot /opt/bitnami/apache2/htdocs/app_website
    <Directory /opt/bitnami/apache2/htdocs/app_website>
                                     DirectoryIndex index.html
                                     AllowOverride All
                                     Require all granted
                     </Directory>
    ServerName app.example.com

</VirtualHost>



<VirtualHost *:80>

    DocumentRoot /opt/bitnami/apache2/htdocs/test_website
     <Directory /opt/bitnami/apache2/htdocs/test_website>
                                     DirectoryIndex index.html
                                     AllowOverride All
                                     Require all granted
                     </Directory>
    ServerName test.example.com

</VirtualHost>

Here is my bitnami.conf file after adding SSL code. 添加SSL代码后,这是我的bitnami.conf文件。 Redirection from example.com to https://example.com works fine, but the page doesn't load in https . example.com重定向到https://example.com工作正常,但该页面未加载到https I'm getting ERR_CONNECTION_REFUSED error. 我收到ERR_CONNECTION_REFUSED错误。

New bitnami.conf file 新的bitnami.conf文件 

ServerName example.com

<VirtualHost *:80>

    ServerName example.com
    RewriteEngine On
            RewriteCond %{HTTPS} !=on
            RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

       <Directory /opt/bitnami/apache2/htdocs/default_website>
                                     DirectoryIndex index.html
                                     AllowOverride All
                                     Require all granted
                     </Directory>

    DocumentRoot /opt/bitnami/apache2/htdocs/default_website
</VirtualHost>

<VirtualHost *:443>
DocumentRoot "/opt/bitnami/apache2/htdocs/default_website"
SSLEngine on
SSLCertificateFile "/opt/bitnami/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/server.key"

<Directory "/opt/bitnami/apache2/htdocs/default_website">
Options Indexes FollowSymLinks
AllowOverride All
<IfVersion < 2.3 >
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.3 >
Require all granted
</IfVersion>
</Directory>

# Error Documents
ErrorDocument 503 /503.html

# Bitnami applications installed with a prefix URL (default)
Include "/opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf"
</VirtualHost>



<VirtualHost *:80>

    DocumentRoot /opt/bitnami/apache2/htdocs/app_website
    <Directory /opt/bitnami/apache2/htdocs/app_website>
                                     DirectoryIndex index.html
                                     AllowOverride All
                                     Require all granted
                     </Directory>
    ServerName app.example.com
</VirtualHost>


<VirtualHost *:80>

    DocumentRoot /opt/bitnami/apache2/htdocs/test_website
     <Directory /opt/bitnami/apache2/htdocs/test_website>
                                     DirectoryIndex index.html
                                     AllowOverride All
                                     Require all granted
                     </Directory>
    ServerName test.example.com
</VirtualHost>

1 个解决方案

解决方案1
 0  2019-05-14 06:56:37

Bitnami Engineer here. Bitnami工程师在这里。 You also need to define the new port in which Apache will start to listen and the different cyphers and protocols it will accept. 您还需要定义Apache将开始监听的新端口以及它将接受的不同密码和协议。 These lines are included in the bitnami.conf file we include in our stacks by default 这些行包含在我们默认包含在堆栈中的bitnami.conf文件中 

Listen 443
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !EDH !RC4"
SSLPassPhraseDialog  builtin
SSLSessionCache "shmcb:/opt/bitnami/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

You will need to include them before defining the VirtualHost for the port 443 在为端口443定义VirtualHost之前,您需要包含它们

I hope this helps 我希望这有帮助

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 为什么我的新加密ssl设置会出现浏览器警告? - Why do I get browser warnings on my new lets encrypt ssl setup? 自动让加密通配符子域的SSL证书 - Automatic lets encrypt SSL certificate for wildcard subdomain 更改Lets Encrypt SSL证书的基本域名 - Change base domain name for Lets Encrypt SSL certificate 包含 ProxyPass 和 ProxyPassReverse 的正确位置(AWS Lightsail 上的 Bitnami Node.js 服务器) - Correct place to include ProxyPass and ProxyPassReverse (Bitnami Node.js server on AWS Lightsail) 在AWS EC2 Bitnami Mean Stack上安装SSL - Installing SSL on AWS EC2 Bitnami Mean Stack apache 不工作 httpd 光帆实例灯 bitnami - apache not working httpd lightsail instance lamp bitnami 让加密和太多重定向 - Lets Encrypt and Too many redirects 通过遵循以下教程尝试在Debian Apache AWS Lightsail实例上设置SSL / TLS证书,但仍然无法正常工作 - Trying to set up SSL/TLS certificate on Debian Apache AWS Lightsail instance by following tutorial, but still not working 无法识别 AWS Elastic Beanstalk httpd/conf.d/ssl.conf - AWS Elastic Beanstalk httpd/conf.d/ssl.conf not recognized 让我们在AWS EC2上加密SSL安装的问题 - Issue with Let's Encrypt SSL installation on AWS EC2
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM