我在 OVH VPS(debian、apache、SSL)上有一个功能齐全的网站。我尝试将其迁移到 scaleway VPS。我更改了 DNS 条目,复制了 apache 配置文件和证书文件,但没有成功。然后我尝试使用 letsencrypt 生成新证书,但当我尝试通过 https 连接我的网站时,仍然收到 SSL_ERROR_RX_RECORD_TOO_LONG。
这是我的 Apache 配置文件:
Listen 80
Listen 443 https
<VirtualHost mydomain.fr:80>
ServerName mydomain.fr
DocumentRoot /var/www/html
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost mydomain.fr:443>
ServerName mydomain.fr
DocumentRoot /var/www/html
SSLCertificateFile /etc/letsencrypt/live/mydomain.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.fr/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
令我惊讶的是,certbot 脚本返回成功,但 ssllabs.com 网站诊断出问题。
certbot certonly -d mydomain.fr
给我
Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for mydomain.fr
Waiting for verification...
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/001_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/001_csr-certbot.pem
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/mydomain.fr/fullchain.pem. Your cert
will expire on 2017-11-29. To obtain a new or tweaked version of
this certificate in the future, simply run certbot again. To
non-interactively renew *all* of your certificates, run "certbot
renew"
- If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
答案1
尝试将您的虚拟主机更改为
<VirtualHost _default_:443>
ServerName mydomain.fr
DocumentRoot /var/www/html
</VirtualHost>
这默认标签,或*可能会因未知原因而起作用。