[英]Wild card SSL not working on subdomain pointed to different server
This could be possibly a duplicate question, but I've tried every solution I found and nothing worked.这可能是一个重复的问题,但我已经尝试了我找到的所有解决方案,但没有任何效果。 On main domain, I've successfully installed SSL and it is working fine.
在主域上,我已经成功安装了 SSL 并且工作正常。 I need to install the same wild card SSL on other two instances which are using for subdomain .
我需要在用于 subdomain的其他两个实例上安装相同的通配符 SSL 。
The overall structure I've setup so far is as follows -到目前为止我设置的整体结构如下 -
When I am hitting subdomain in browser, it is showing lock sign but with Error 521: Web server is down
当我在浏览器中点击子域时,它显示锁定标志但出现
Error 521: Web server is down
but When I am trying it with default Public DNS, it is showing my page without any error.但是当我使用默认的公共 DNS 尝试它时,它显示我的页面没有任何错误。
Please suggest what is missing here.请提出这里缺少的内容。 Thanks much!!
非常感谢!!
The 521 error from CloudFlare indicates that it is unable to speak to your host on that port. CloudFlare 的 521 错误表明它无法在该端口上与您的主机通信。
Error 521 occurs when the origin web server refuses connections from Cloudflare.
当源 web 服务器拒绝来自 Cloudflare 的连接时,会出现错误 521。 Security solutions at your origin may block legitimate connections from certain Cloudflare IP addresses.
您来源的安全解决方案可能会阻止来自某些 Cloudflare IP 地址的合法连接。
The two most common causes of 521 errors are:
521 错误的两个最常见原因是:
- Offlined origin web server application
离线源web服务器应用
- Blocked Cloudflare requests
阻止的 Cloudflare 请求
Please check the following:请检查以下内容:
It is important to identify whether CloudFlare it attempting to connect to HTTP or HTTPS, it can support both of these models based on the configuration.重要的是要确定 CloudFlare 是否尝试连接到 HTTP 或 HTTPS,它可以根据配置支持这两种型号。
If you're still stuck after these points you can attempt to validate the requests going to your server usingVPC Flow Logs .如果您在这些点之后仍然卡住,您可以尝试使用VPC Flow Logs验证发送到您的服务器的请求。
Finally, this answer gave me a hint How to install third-party SSL Certificate with AWS EC2 Instance (Ubuntu AMI)?最后,这个答案给了我一个提示How to install third-party SSL Certificate with AWS EC2 Instance (Ubuntu AMI)? Will it cost one-time or monthly basis?
它会花费一次性还是每月?
And I resolved this error as follow -我解决了这个错误如下 -
1. Downloaded the certificate files from primary server 1.从主服务器下载证书文件
2. Uploaded the same certificate files to the secondary server where the subdomain is pointed 2.将相同的证书文件上传到子域指向的从服务器
3. then edit /etc/apache2/sites-available/default-ssl.conf file on secondary server, search for "SSLCertificate" and change the following lines 3. 然后在辅助服务器上编辑 /etc/apache2/sites-available/default-ssl.conf 文件,搜索“SSLCertificate”并更改以下行
4. Enable the SSL configuration, and restart the webserver. 4.启用SSL配置,重启webserver。
ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/
apachectl configtest
apachectl graceful
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.