我已按照本教程在 ubuntu 服务器上设置 https:
我最终将该配置与当前常用的非 https symfony2 配置合并:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /srv/www/mysite.com/symfony/web/
ErrorLog /srv/www/mysite.com/logs/error.log
CustomLog /srv/www/mysite.com/logs/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.crt
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
<Directory /srv/www/mysite.com/symfony/web>
Options Indexes FollowSymLinks
AllowOverride all
Order allow,deny
Allow from all
Require all granted
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>
尽管我不太确定:
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
和
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
是需要的(或者甚至是他们真正在做的事情)。
另外,有两个<Directory>部分是不是一个糟糕的主意,还是这很正常?(我没有使用 cgi-bin,所以我猜无论如何我都可以删除该<Directory>部分)。
谢谢!