我在设置 SSL 证书时遇到问题。Apache2 似乎不提供 vhost 中定义的证书,而是提供 default-ssl 中的证书(该证书似乎已过期)
默认 SSL
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
ServerName 70.127.153.111
...
SSLEngine on
SSLCertificateFile /etc/ssl/certs/webserver.pem
SSLCertificateKeyFile /etc/ssl/private/webserver.key
...
Vhost 设置
<VirtualHost *:443>
ServerName sub.mydomain.com
DocumentRoot /var/www/
SSLEngine on
SSLCertificateFile /etc/ssl/private/mydomain.crt
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-mydomain-snakeoil.key
SSLCertificateChainFile /etc/apache2/mydomain.crt
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
很高兴得到任何提示我做错的事情。
谢谢!