stackoom
  简体   繁体   中英

Installed SSL on Apache server, page not responding

 原文  2018-10-06 21:27:07       apache/ ssl/ web/ configuration/ ssl-certificate

Question

My question is about SSL installation. I purchased a new SSL for a website that's hosted on a Ubuntu 16.04 box with Apache 2.4.29. I was able to get this installed and I'm not getting any errors but my page is not redirecting. I've followed some guides (DigitalOcean) but feel as I'm missing something.

I have checked the sites-available files (000-default.conf, default-ssl.conf & example.com.conf) and I'm not seeing anything that's catching my eye, but I feel I migtht be missing something. I've checked the status of Apache and I'm not getting any errors and I've restarted the services several times to no avail.

Here's a general breakdown of what I have. Am I missing something? Is additional information required for setting this up?

000-default.conf 

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www
    Redirect "/" "https://example.com/"
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

default-ssl.conf 

<IfModule mod_ssl.c>
    <VirtualHost _default_:443>
            ServerAdmin webmaster@localhost
            DocumentRoot /var/www
            SSLCertificateFile /root/example.com.crt
            SSLCertificateKeyFile /root/www.example.com.key
            SSLCACertificateFile /root/intermediate.crt

            <FilesMatch "\.(cgi|shtml|phtml|php)$">
                            SSLOptions +StdEnvVars
            </FilesMatch>

            <Directory /usr/lib/cgi-bin>
                            SSLOptions +StdEnvVars
            </Directory>

            </VirtualHost>
 </IfModule>4

mydomain.com.conf 

<VirtualHost *:443>
    ServerAdmin admin@somedomain.com
    ServerName mydomain.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example.com/html
    Redirect permanent / https://example.com
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

1 answers

solution1
 0 ACCPTED  2018-10-08 01:23:14

Here is my attempt at a combined configuration. Note that I do not have your setup to test it, but I have used similar configurations on production servers.

First define your port 80 VirtualHost (000-default.conf in your setup): 

Listen 80

<VirtualHost *:80>

    Redirect "/" "https://example.com/"

    LogLevel debug
    ErrorLog  "${APACHE_LOG_DIR}/80_error.log"
    CustomLog "${APACHE_LOG_DIR}/80_access.log" combined
</VirtualHost>

No need for a DocumentRoot since you redirect everything.

Then comment out default-ssl.conf . This file is an example of what you could do to setup an SSL enabled VirtualHost. If you use that file AND another VirtualHost on port 443, this one will always be used, since Apache uses the first VirtualHost it finds that matches the client's request (here port 443).

Another point, VirtualHost are not "added" to one another. Each is independent of the others and must contain a complete configuration. This means you cannot put some configuration in on VirtualHost on port 443, and some in another and expect it to work.

Then create your example.com.conf file: 

Listen 443

<VirtualHost *:443>
    ServerName  example.com
    ServerAlias www.example.com

    ServerAdmin admin@example.com

    SSLCertificateFile    "/root/example.com.crt"
    SSLCertificateKeyFile "/root/example.com.key"
    SSLCACertificateFile  "/root/intermediate.crt"

    LogLevel debug
    ErrorLog  "logs/443_error_log"
    CustomLog "logs/443_access_log" combined

    DocumentRoot "/var/www/example.com/html"
    DirectoryIndex index.html
    <Directory "/var/www/example.com/html">
        Options Indexes FollowSymLinks
        AllowOverride None
        Require all granted
    </Directory>

</VirtualHost>

Some notes:

  • I put the LogLevel at debug, so you can troubleshoot, but once it is working, change it to error. Otherwise you will have huge log files quickly!
  • For the same reason, I split the logs for port 80 and port 443. Each VirtualHost should have its own logs.
  • The certificate files must match the domain name. Not the filename (although it makes it easier to match), but the certificate itself.
  • If you want your certificate to cover example.com and www.example.com, both names must be added to the alternate names in the certificate.
  • I do not understand why you have Redirect permanent / https://example.com in your configuration. You are already in the https , port 443 VirtualHost.
  • The options based on <FilesMatch> directives in the default ssl configuration can be added if you want.

This setup will ensure that all http requests will be redirected to https://example.com . Then it will use the :443 VirtualHost, use the proper certificate for that domain and serve the content from the DocumentRoot directory.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache ProxyPass: Page not refreshing automatically after SSL installed How to remove letsencrypt ssl installed on Ubuntu apache2 server Polling Apache server not responding Apache server not responding in ec2 SSL on Apache HTTP Server Adding SSL to Apache Server Server not responding after LetsEncrypt SSL install Apache Recompile effect on already installed SSL SSL installed on Apache2 but HTTPS not working Apache Redirect when the page is SSL
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM