Server not responding after LetsEncrypt SSL install

I am pushing my website to an AWS Lightsail instance on Ubuntu 18.04 and I have had trouble accessing it since I installed LetsEncrypt (everything was fine beforehand).

Basically, I am getting no response, although it looks like everything is fine, at least to me. My website is called kolibri.ba, and I installed 2 SSLs for both www.kolibri.ba and kolibri.ba. I tried different UFW settings, turning it off totally and so on.

My Virtual Host (kolibri.conf)

```
<VirtualHost *:80>
        ServerName kolibri.ba
        ServerAlias www.kolibri.ba

        ServerAdmin kontakt@kolibri.ba
        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error_mysite.log
        CustomLog ${APACHE_LOG_DIR}/error_access_mysite.log combined

        RewriteEngine on
        RewriteCond %{SERVER_NAME} =kolibri.ba [OR]
        RewriteCond %{SERVER_NAME} =www.kolibri.ba
        RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
```

Searching "kolibri" everywhere inside /etc/apache2 looks like this

```
ack "kolibri" /etc/apache2
/etc/apache2/kolibri.conf
4:  ServerAdmin kontakt@kolibri.ba
5:  ServerName  kolibri.ba
6:  ServerAlias www.kolibri.ba
16:  ErrorLog /var/log/apache2/error-kolibri.ba.log
17:  CustomLog /var/log/apache2/access-kolibri.ba.log combined

/etc/apache2/sites-available/kolibri.conf
2:        ServerName kolibri.ba
3:        ServerAlias www.kolibri.ba
5:        ServerAdmin kontakt@kolibri.ba
12:RewriteCond %{SERVER_NAME} =kolibri.ba [OR]
13:RewriteCond %{SERVER_NAME} =www.kolibri.ba

/etc/apache2/sites-available/kolibri-2-le-ssl.conf
3:    ServerAdmin kontakt@kolibri.ba
4:    ServerName kolibri.ba
5:    ServerAlias www.kolibri.ba
11:#SSLCertificateFile /etc/letsencrypt/live/www.kolibri.ba/fullchain.pem
12:#SSLCertificateKeyFile /etc/letsencrypt/live/www.kolibri.ba/privkey.pem

/etc/apache2/sites-available/kolibri-le-ssl.conf
3:        ServerName www.kolibri.ba
4:        ServerAlias kolibri.ba
6:        ServerAdmin kontakt@kolibri.ba
14:SSLCertificateFile /etc/letsencrypt/live/kolibri.ba/fullchain.pem
15:SSLCertificateKeyFile /etc/letsencrypt/live/kolibri.ba/privkey.pem
20:        ServerName kolibri.ba
21:        ServerAlias www.kolibri.ba
23:        ServerAdmin kontakt@kolibri.ba
33:# RewriteCond %{SERVER_NAME} =kolibri.ba [OR]
34:# RewriteCond %{SERVER_NAME} =www.kolibri.ba
```

I added these lines to my wp-config.php as well

```
define( 'WP_HOME', 'https://kolibri.ba' );
define( 'WP_SITEURL', 'https://kolibri.ba' );
define( 'FORCE_SSL_ADMIN', true );
```

Firewall settings look like this

```
sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere
30000:31000/tcp            ALLOW       Anywhere
20:21/tcp                  ALLOW       Anywhere
OpenSSH                    ALLOW       Anywhere
Apache                     ALLOW       Anywhere
20/tcp                     ALLOW       Anywhere
21/tcp                     ALLOW       Anywhere
40000:50000/tcp            ALLOW       Anywhere
990/tcp                    ALLOW       Anywhere
443                        ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
Apache Full (v6)           ALLOW       Anywhere (v6)
30000:31000/tcp (v6)       ALLOW       Anywhere (v6)
20:21/tcp (v6)             ALLOW       Anywhere (v6)
OpenSSH (v6)               ALLOW       Anywhere (v6)
Apache (v6)                ALLOW       Anywhere (v6)
20/tcp (v6)                ALLOW       Anywhere (v6)
21/tcp (v6)                ALLOW       Anywhere (v6)
40000:50000/tcp (v6)       ALLOW       Anywhere (v6)
990/tcp (v6)               ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
```

If I do nmap 443 and 80 ports locally to my domain, it gives this

```
PORT    STATE    SERVICE
80/tcp  open     http
443/tcp filtered https
```

Not sure if 443 filtered state could be causing the issue or what?

And lastly, I am putting my Apache health stats here:

```
ubuntu@ip-172-26-0-121:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
  Drop-In: /lib/systemd/system/apache2.service.d
           └─apache2-systemd.conf
   Active: active (running) since Wed 2022-04-20 20:56:26 CEST; 11min ago
  Process: 5339 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
  Process: 5300 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
  Process: 5344 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
 Main PID: 5358 (apache2)
    Tasks: 9 (limit: 2362)
   CGroup: /system.slice/apache2.service
           ├─5358 /usr/sbin/apache2 -k start
           ├─5363 /usr/sbin/apache2 -k start
           ├─5364 /usr/sbin/apache2 -k start
           ├─5365 /usr/sbin/apache2 -k start
           ├─5366 /usr/sbin/apache2 -k start
           ├─5367 /usr/sbin/apache2 -k start
           ├─5382 /usr/sbin/apache2 -k start
           ├─5385 /usr/sbin/apache2 -k start
           └─5386 /usr/sbin/apache2 -k start

Apr 20 20:56:26 ip-172-26-0-121 systemd[1]: Stopped The Apache HTTP Server.
Apr 20 20:56:26 ip-172-26-0-121 systemd[1]: Starting The Apache HTTP Server...
Apr 20 20:56:26 ip-172-26-0-121 systemd[1]: Started The Apache HTTP Server.
```

I spent 2 days debugging this, and I would have killed my instance 15 times by now if WordPress wasn't such a pain to import properly. Please help, and thanks a lot!

```
<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        SSLEngine on
        SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
        SSLCertificateKeyFile /etc/apache2/certificate/apache.key
</VirtualHost>
```

Configure things correctly and this should work; you don't need all the virtualhosts, just one. When complete, restart the services, but if the SSL is wrong it will fail.
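
An added example, not part of the original question or answer: a Python check for the situation the `ack` output shows, where several vhost files claim the same names on one port and one has its certificate lines commented out. The file contents are constructed from the fragments in the question, the `*:443` wrappers are an assumption, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample rebuilt from the fragments in the question's ack output.
# Assumption: both files wrap their directives in <VirtualHost *:443>.
SAMPLE = {
    "kolibri-le-ssl.conf": """
<VirtualHost *:443>
    ServerName www.kolibri.ba
    ServerAlias kolibri.ba
    SSLCertificateFile /etc/letsencrypt/live/kolibri.ba/fullchain.pem
</VirtualHost>""",
    "kolibri-2-le-ssl.conf": """
<VirtualHost *:443>
    ServerName kolibri.ba
    ServerAlias www.kolibri.ba
    #SSLCertificateFile /etc/letsencrypt/live/www.kolibri.ba/fullchain.pem
</VirtualHost>""",
}

def parse_vhosts(files):
    """Yield one dict per <VirtualHost> block; commented-out lines are ignored."""
    for fname, text in files.items():
        vhost = None
        for line in map(str.strip, text.splitlines()):
            if not line or line.startswith("#"):
                continue
            opened = re.match(r"<VirtualHost\s+\S*:(\d+)\s*>", line, re.I)
            if opened:
                vhost = {"file": fname, "port": int(opened.group(1)), "names": set(), "cert": None}
            elif line.lower().startswith("</virtualhost") and vhost:
                yield vhost
                vhost = None
            elif vhost is not None:
                key, *args = line.split()
                if key.lower() in ("servername", "serveralias"):
                    vhost["names"].update(a.lower() for a in args)
                elif key.lower() == "sslcertificatefile" and args:
                    vhost["cert"] = args[0]

def audit(files):
    """Return (names claimed by several vhosts on one port, :443 vhosts with no cert)."""
    claims, no_cert = defaultdict(list), []
    for v in parse_vhosts(files):
        for name in v["names"]:
            claims[(v["port"], name)].append(v["file"])
        if v["port"] == 443 and v["cert"] is None:
            no_cert.append(v["file"])
    return {k: sorted(f) for k, f in claims.items() if len(f) > 1}, no_cert
```

On the server itself, `apachectl -S` prints the virtual-host map Apache actually parsed, which is the authoritative view of the same overlap.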
