我已将旧的 SSL 证书替换为新的,并多次重新启动 apache,但旧证书仍然显示在 Web 浏览器上,当我运行命令时
openssl s_client-connect 127.0.0.1:443-showcerts
我还删除了所有旧的证书文件。所以不确定 apache 仍然在哪里读取这些证书。而不是读取新的。这是我的 ssl.conf
Listen 0.0.0.0:443
SSLEngine on
SSLOptions +StrictRequire
<Directory />
SSLRequireSSL
</Directory>
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
SSLMutex file:/usr/apache2/logs/ssl_mutex
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024
SSLSessionCache shm:/usr/apache2/logs/ssl_cache_shm
SSLSessionCacheTimeout 600
SSLPassPhraseDialog builtin
SSLCertificateFile /usr/apache2/conf/ssl.crt/server.crt
SSLCertificateKeyFile /usr/apache2/conf/ssl.key/server.key
SSLVerifyClient none
SSLProxyEngine off
<IfModule mime.c>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfModule>