迁移服务器后出现 SSL_ERROR_RX_RECORD_TOO_LONG

迁移服务器后出现 SSL_ERROR_RX_RECORD_TOO_LONG

我在 OVH VPS(debian、apache、SSL)上有一个功能齐全的网站。我尝试将其迁移到 scaleway VPS。我更改了 DNS 条目,复制了 apache 配置文件和证书文件,但没有成功。然后我尝试使用 letsencrypt 生成新证书,但当我尝试通过 https 连接我的网站时,仍然收到 SSL_ERROR_RX_RECORD_TOO_LONG。

这是我的 Apache 配置文件:

Listen 80
Listen 443 https

<VirtualHost mydomain.fr:80>
        ServerName mydomain.fr
        DocumentRoot /var/www/html
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost mydomain.fr:443>
        ServerName mydomain.fr
        DocumentRoot /var/www/html

        SSLCertificateFile /etc/letsencrypt/live/mydomain.fr/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.fr/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf

</VirtualHost>
</IfModule>

令我惊讶的是,certbot 脚本返回成功,但 ssllabs.com 网站诊断出问题。

certbot certonly -d mydomain.fr

给我

Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for mydomain.fr
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/001_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/001_csr-certbot.pem

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
   /etc/letsencrypt/live/mydomain.fr/fullchain.pem. Your cert
   will expire on 2017-11-29. To obtain a new or tweaked version of
   this certificate in the future, simply run certbot again. To
   non-interactively renew *all* of your certificates, run "certbot
   renew"
 - If you like Certbot, please consider supporting our work by:

   Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
   Donating to EFF:                    https://eff.org/donate-le

答案1

尝试将您的虚拟主机更改为

<VirtualHost _default_:443>
        ServerName mydomain.fr
        DocumentRoot /var/www/html
</VirtualHost>

默认标签,或*可能会因未知原因而起作用。

相关内容