![](/img/trans.png)
[英]How to remove letsencrypt ssl installed on Ubuntu apache2 server
[英]Server not responding after LetsEncrypt SSL install
我正在将我的网站推送到 Ubuntu 18.04 上的 AWS Lightsail 实例,自从我安装了 LetsEncrypt(之前一切都很好)后,我无法访问它。
基本上,我没有收到任何回复,尽管看起来一切都很好,至少对我来说是这样。 我的网站名为 kolibri.ba,我为www.kolibri.ba和 kolibri.ba 安装了 2 个 SSL。 我尝试了不同的 UFW 设置,将其完全关闭等等。
我的虚拟主机 (kolibri.conf)
<VirtualHost *:80>
ServerName kolibri.ba
ServerAlias www.kolibri.ba
ServerAdmin kontakt@kolibri.ba
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error_mysite.log
CustomLog ${APACHE_LOG_DIR}/error_access_mysite.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =kolibri.ba [OR]
RewriteCond %{SERVER_NAME} =www.kolibri.ba
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
在 /etc/apache2 中到处搜索“kolibri”看起来像这样
ack "kolibri" /etc/apache2
/etc/apache2/kolibri.conf
4: ServerAdmin kontakt@kolibri.ba
5: ServerName kolibri.ba
6: ServerAlias www.kolibri.ba
16: ErrorLog /var/log/apache2/error-kolibri.ba.log
17: CustomLog /var/log/apache2/access-kolibri.ba.log combined
/etc/apache2/sites-available/kolibri.conf
2: ServerName kolibri.ba
3: ServerAlias www.kolibri.ba
5: ServerAdmin kontakt@kolibri.ba
12:RewriteCond %{SERVER_NAME} =kolibri.ba [OR]
13:RewriteCond %{SERVER_NAME} =www.kolibri.ba
/etc/apache2/sites-available/kolibri-2-le-ssl.conf
3: ServerAdmin kontakt@kolibri.ba
4: ServerName kolibri.ba
5: ServerAlias www.kolibri.ba
11:#SSLCertificateFile /etc/letsencrypt/live/www.kolibri.ba/fullchain.pem
12:#SSLCertificateKeyFile /etc/letsencrypt/live/www.kolibri.ba/privkey.pem
/etc/apache2/sites-available/kolibri-le-ssl.conf
3: ServerName www.kolibri.ba
4: ServerAlias kolibri.ba
6: ServerAdmin kontakt@kolibri.ba
14:SSLCertificateFile /etc/letsencrypt/live/kolibri.ba/fullchain.pem
15:SSLCertificateKeyFile /etc/letsencrypt/live/kolibri.ba/privkey.pem
20: ServerName kolibri.ba
21: ServerAlias www.kolibri.ba
23: ServerAdmin kontakt@kolibri.ba
33:# RewriteCond %{SERVER_NAME} =kolibri.ba [OR]
34:# RewriteCond %{SERVER_NAME} =www.kolibri.ba```
I added these lines to my wp-config.php as well
定义('WP_HOME','https://kolibri.ba'); define( 'WP_SITEURL', 'https://kolibri.ba' ); 定义('FORCE_SSL_ADMIN',真)```
防火墙设置如下所示
sudo ufw status
Status: active
To Action From
-- ------ ----
Apache Full ALLOW Anywhere
30000:31000/tcp ALLOW Anywhere
20:21/tcp ALLOW Anywhere
OpenSSH ALLOW Anywhere
Apache ALLOW Anywhere
20/tcp ALLOW Anywhere
21/tcp ALLOW Anywhere
40000:50000/tcp ALLOW Anywhere
990/tcp ALLOW Anywhere
443 ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
Apache Full (v6) ALLOW Anywhere (v6)
30000:31000/tcp (v6) ALLOW Anywhere (v6)
20:21/tcp (v6) ALLOW Anywhere (v6)
OpenSSH (v6) ALLOW Anywhere (v6)
Apache (v6) ALLOW Anywhere (v6)
20/tcp (v6) ALLOW Anywhere (v6)
21/tcp (v6) ALLOW Anywhere (v6)
40000:50000/tcp (v6) ALLOW Anywhere (v6)
990/tcp (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
如果我在我的域本地执行 nmap 443 和 80 端口,它会给出这个
PORT STATE SERVICE
80/tcp open http
443/tcp filtered https
不确定是 443 filtered state 导致了这个问题还是什么?
最后,我将我的 apache 健康统计数据放在这里:
ubuntu@ip-172-26-0-121:~$ sudo systemctl status apache2
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: active (running) since Wed 2022-04-20 20:56:26 CEST; 11min ago
Process: 5339 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
Process: 5300 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
Process: 5344 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 5358 (apache2)
Tasks: 9 (limit: 2362)
CGroup: /system.slice/apache2.service
├─5358 /usr/sbin/apache2 -k start
├─5363 /usr/sbin/apache2 -k start
├─5364 /usr/sbin/apache2 -k start
├─5365 /usr/sbin/apache2 -k start
├─5366 /usr/sbin/apache2 -k start
├─5367 /usr/sbin/apache2 -k start
├─5382 /usr/sbin/apache2 -k start
├─5385 /usr/sbin/apache2 -k start
└─5386 /usr/sbin/apache2 -k start
Apr 20 20:56:26 ip-172-26-0-121 systemd[1]: Stopped The Apache HTTP Server.
Apr 20 20:56:26 ip-172-26-0-121 systemd[1]: Starting The Apache HTTP Server...
Apr 20 20:56:26 ip-172-26-0-121 systemd[1]: Started The Apache HTTP Server.
我花了 2 天时间对此进行调试,如果正确导入 WordPress 不是那么痛苦的话,到目前为止我会杀死我的实例 15 次。 请帮忙,非常感谢!
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/certificate/apache-certificate.crt
SSLCertificateKeyFile /etc/apache2/certificate/apache.key
</VirtualHost>
正确配置东西,这应该可以工作,你不需要所有的虚拟主机,只需要一个。 完成后重新启动服务,但如果 SSL 错误,它将失败。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.