我有一个来自 comodo 的 SSL 证书,我想在我的 upunto R/Shiny 服务器上设置这个 SSL,我有来自 comodo 的以下文件:
- STAR_getedara_com.crt
- COMODORSADomainValidationSecureServerCA.crt
- COMODORSAAddTrustCA.crt
- 添加信任外部CARoot.crt
首先,我为我的 AWS 服务器添加了 443 端口
我将所有文件合并到一个文件中:
cat STAR_getedara_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt >apache.crt
然后我通过以下方式生成了一个私钥:
openssl genrsa -out /etc/ssl/private/apache.key 2048
然后我编辑了我的 000-default.conf 文件
<VirtualHost *:*>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache.crt
SSLCertificateKeyFile /etc/ssl/private/apache.key
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:3838/
ProxyPassReverse / http://127.0.0.1:3838/
ServerName bi.getedara.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /log/ "/var/log/"
<Directory "/var/log/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from all
Require all granted
</Directory>
</VirtualHost>
之后我尝试重新启动 apache 但出现此错误:
apache2.service 的作业失败,因为控制进程退出并显示错误代码。有关详细信息,请参阅“systemctl status apache2.service”和“journalctl -xe”
systemctl status apache2.service
```
● apache2.service - LSB: Apache2 web server
Loaded: loaded (/etc/init.d/apache2; bad; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: failed (Result: exit-code) since Thu 2018-05-17 09:18:47 UTC; 2min 54s ago
Docs: man:systemd-sysv-generator(8)
Process: 1273 ExecStart=/etc/init.d/apache2 start (code=exited, status=1/FAILURE)```
May 17 09:18:47 ip-172-31-18-184 apache2[1273]: Output of config test was:
May 17 09:18:47 ip-172-31-18-184 apache2[1273]: [Thu May 17 09:18:47.646658 2018] [proxy_html:notice] [pid 1346] AH01425: I18n support in mod_proxy_html requires mod_xml2enc. Without it, non-ASCII characters
May 17 09:18:47 ip-172-31-18-184 apache2[1273]: AH00526: Syntax error on line 12 of /etc/apache2/sites-enabled/000-default.conf:
May 17 09:18:47 ip-172-31-18-184 apache2[1273]: SSLCertificateKeyFile: file /etc/ssl/private/myserver.key' does not exist or is empty
May 17 09:18:47 ip-172-31-18-184 apache2[1273]: Action 'configtest' failed.
May 17 09:18:47 ip-172-31-18-184 apache2[1273]: The Apache error log may have more information.
May 17 09:18:47 ip-172-31-18-184 systemd[1]: apache2.service: Control process exited,code=exited status=1
May 17 09:18:47 ip-172-31-18-184 systemd[1]: Failed to start LSB: Apache2 web server.
May 17 09:18:47 ip-172-31-18-184 systemd[1]: apache2.service: Unit entered failed state.
May 17 09:18:47 ip-172-31-18-184 systemd[1]: apache2.service: Failed with result 'exit-code'.```