[英]How to configure multiple SSL certs on Apache virtual host with aliases?
[英]How to configure multiple subdomain with SSL in Apache?
配置:
现在,我可以让 a.example.com 工作。 但是我如何让 a.example.com 和 b.example.com 在同一台服务器上工作?
/etc/apache2/site-enable/a.example.com.conf
<VirtualHost *:80>
ServerName a.example.com
Redirect permanent / https://a.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.a.example.com
Redirect permanent / https://a.example.com
</VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName a.example.com
ServerAlias www.a.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:4949/
ProxyPassReverse http://localhost:4949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
更新 --- 如果我尝试这个:
/etc/apache2/site-enable/b.example.com.conf
<VirtualHost *:80>
ServerName b.example.com
Redirect permanent / https://b.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.example.com
Redirect permanent / https://b.example.com
/VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName b.example.com
ServerAlias www.b.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
我得到这个
[....] Restarting web server: apache2[Thu Jul 21 14:58:01 2016] [warn] module passenger_module is already loaded, skipping
[Thu Jul 21 14:58:01 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Thu Jul 21 14:58:01 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
... waiting [Thu Jul 21 14:58:02 2016] [warn] module passenger_module is already loaded, skipping
[Thu Jul 21 14:58:02 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Thu Jul 21 14:58:02 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
(98)Address already in use: make_sock: could not bind to address [::]:443
--- 更新
我在 b.exemple.com.conf 上删除了 Listen 443
但是现在,我有这个:
a.example.com ---> b.example.com
b.example.com ---> b.example.com
问题是当我尝试访问 a 时,我被重定向到 b
我在做什么错?
/etc/apache2/site-enable/b.example.com.conf
<VirtualHost *:80>
ServerName b.example.com
Redirect permanent / https://b.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.example.com
Redirect permanent / https://b.example.com
/VirtualHost>
<VirtualHost *:443>
ServerName b.example.com
ServerAlias www.b.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
- 更新找到解决方案:)
我终于找到了解决我的问题的方法,谢谢你的帮助!
<IfModule mod_ssl.c>
Listen 443
NameVirtualHost *:443
</IfModule>
<VirtualHost *:443>
ServerName www.example.fr
DocumentRoot "/var/www/html/404"
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.fr
Redirect permanent / https://a.example.fr
</VirtualHost>
<VirtualHost *:80>
ServerName a.example.fr
Redirect permanent / https://a.example.fr
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin@admin.fr
ServerName a.example.fr
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:4949/
ProxyPassReverse http://localhost:4949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/serveurA.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
<VirtualHost *:80>
ServerName b.example.fr
Redirect permanent / https://b.example.fr
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin@admin.fr
ServerName b.example.fr
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/serveurA.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
更改所有子域的通配符 (*.example.com) 的虚拟主机代码,要实现此功能,您的 SSL 证书应该是支持多个子域的通配符
在 apache httpd.conf或ssl.conf文件的<virtualhost>
代码中更改/添加两行
ServerName www.example.com
ServerAlias *.example.com
例子:
a.example.com
b.example.com
WHATEVER_SUB-DOMAIN_TEXT.example.com
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.