两天来,我一直在努力在我的 amazon ec2 服务器上设置 ssl。我已经转到 aws 文档进行设置。
我已经生成了私钥和 csr,并从 www.ssl.com 获得了 ssl 证书。
我已配置我的安全组和负载均衡器来监听端口 443。
我的虚拟主机配置在这里:
<VirtualHost *:80>
ServerName my.domain.in
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /var/www/html/project/public
Redirect permanent / https://my.domain.in
RailsEnv development
# DevelopmentLog /var/www/html/project/log/development.log
ErrorLog /var/www/html/project/log/error.log
CustomLog /var/www/html/project/log/access.log combined
<Directory /var/www/html/project/public>
# This relaxes Apache security settings.
AllowOverride All
# MultiViews must be turned off.
Options -MultiViews
# Uncomment this if you're on Apache >= 2.4:
#Require all granted
</Directory>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*) https://my.domain.in [R=301,L]
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
ServerName my.domain.in
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /var/www/html/dashboard/public
RailsEnv development
<Directory /var/www/html/project/public>
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
# Uncomment this if you're on Apache >= 2.4:
#Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /home/ec2-user/certs/my.domain.in.crt
SSLCertificateKeyFile /home/ec2-user/certs/my.domain.in.key
SSLCertificateChainFile /home/ec2-user/certs/ca-chain-amazon.crt
</VirtualHost>
我的域名已附加到 aws elastic IP 某个其他托管站点。
当我在浏览器中浏览时,出现 SSL 连接错误。请告诉我我遗漏了什么。谢谢。
编辑:
curl -kv https://127.0.0.1/
输出:
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* NSS error -12263 (SSL_ERROR_RX_RECORD_TOO_LONG)
* SSL received a record that exceeded the maximum permissible length.
* Closing connection 0
curl: (35) SSL received a record that exceeded the maximum permissible length.