我已经安装了带有 apache 的 centos,启用了 ssl 并设置了 lets encrypt cert(按照此指南进行 sslhttps://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-centos-7)并使用本指南设置了新的虚拟主机(https://www.digitalocean.com/community/tutorials/how-to-install-the-apache-web-server-on-centos-7)我无法让第二个虚拟主机提供服务。它似乎一直在使用默认的 SSL 虚拟主机(似乎是在安装 mod_ssl 后创建的)。以下是我的配置文件
默认 ssl 虚拟主机 /etc/httpd/conf.d/ssl.conf
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory /var/www/html/var/www/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
DocumentRoot /var/www/html
第二个 SSL 虚拟主机 /etc/httpd/sites-available/example.co.za.conf
ServerName example.example.co.za
ServerAlias example.co.za
DocumentRoot /var/www/example.co.za/html
ErrorLog /var/www/example.co.za/log/error.log
CustomLog /var/www/example.co.za/log/requests.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.co.za [OR]
RewriteCond %{SERVER_NAME} =example.example.co.za
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
请求更新配置
/etc/http/conf/httpd.conf
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" combined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
IncludeOptional sites-enabled/*.conf
Include /etc/httpd/sites-available/example.co.za-le-ssl.conf
/etc/http/conf.d/ssl.conf
Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost _default_:443>
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:3DES:!aNULL:!MD5:!SEED:!IDEA
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory /var/www/html/var/www/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
DocumentRoot /var/www/html
</VirtualHost>
/etc/httpd/sites-available/example.co.za-le-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName example.example.co.za
ServerAlias example.co.za
DocumentRoot /var/www/example.co.za/html
ErrorLog /var/www/example.co.za/log/error.log
CustomLog /var/www/example.co.za/log/requests.log combined
SSLCertificateFile /etc/letsencrypt/live/example.example.co.za/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.example
.co.za/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/example.example.co.za/chain.pem
</VirtualHost>
</IfModule>