Apache SSL 虚拟主机没有响应(ERR_CONNECTION_TIMED_OUT)

tag-icon tag-icon ssl-certificate virtualhost https
Apache SSL 虚拟主机没有响应(ERR_CONNECTION_TIMED_OUT)

我是一名新手 Apache 管理员,请耐心等待!

我在单个 IP 上有一个 Apache 服务器,在 http 上托管多个虚拟主机。我现在正在尝试安装证书以启用 HTTPS,但没有成功。

conf文件如下所示:

Listen 443
LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so
LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so

NameVirtualHost www.mark3technologies.com:443
<VirtualHost www.mark3technologies.com:443>
    DocumentRoot "<path>/mark3technologies"
    ServerName www.mark3technologies.com
    ServerAlias mark3technologies.com
    ServerAdmin [email protected]
    SSLEngine on
    SSLCertificateFile "<path>/mark3technologies.com.crt"
    SSLCertificateKeyFile "<path>/mark3technologies.com.key"
    SSLCaCertificateFile "<path>/AlphaSSL_SHA-256R1IntCert.crt"
    <Directory "<path>/mark3technologies">
        Options -Indexes +FollowSymLinks
        Require all granted
    </Directory>
    LogLevel debug
</VirtualHost>
SSLSessionCache shmcb:/etc/httpd/ssl_scache(512000)
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCompression off

<VirtualHost *:80>
    DocumentRoot "<path>/mark3technologies"
    ServerName www.mark3technologies.com
    ServerAlias mark3technologies.com
    ServerAdmin [email protected]
    <Directory "<path>/mark3technologies">
        Options -Indexes +FollowSymLinks
        Require all granted
    </Directory>
    LogLevel warn
</VirtualHost>

apachectl -S看起来也合理......

AH00548: NameVirtualHost has no effect and will be removed in the next release <path>/vserver.conf:44
VirtualHost configuration:
54.247.123.104:443     www.mark3technologies.com (<path>/vserver.conf:45)
*:80                   is a NameVirtualHost
         default server cdmh.co.uk (<path>/vserver.conf:12)
         port 80 namevhost cdmh.co.uk (<path>/vserver.conf:12)
                 alias cdmh.co.uk
                 alias craighenderson.co.uk
                 wild alias *.cdmh.co.uk
                 wild alias *.craighenderson.co.uk
         port 80 namevhost runmotivator.com (<path>/vserver.conf:28)
                 alias runmotivator.com
                 wild alias *.runmotivator.com
         port 80 namevhost www.mark3technologies.com (<path>/vserver.conf:71)
                 alias mark3technologies.com
         port 80 namevhost www.sonningcommonmagazine.com (<path>/vserver.conf:86)
                 alias sonningcommonmagazine.org
                 wild alias *.sonningcommonmagazine.org
                 wild alias *.sonningcommonmagazine.com

读起来error.log好像运行正常。

AH01914: Configuring server www.mark3technologies.com:443 for SSL protocol
ssl_engine_init.c(1665): AH: Init: (www.mark3technologies.com:443) mod_md support is unavailable.
ssl_engine_init.c(1949): AH02209: CA certificate: CN=AlphaSSL CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE
ssl_engine_init.c(492): AH01893: Configuring TLS extension handling
ssl_util_ssl.c(470): AH02412: [www.mark3technologies.com:443] Cert matches for name 'www.mark3technologies.com' [subject: CN=www.mark3technologies.com,OU=Domain Control Validated / issuer: CN=AlphaSSL CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE / serial: 016DD49AA34CB94BA2610089 / notbefore: Oct 28 14:01:28 2019 GMT / notafter: Oct 28 14:01:28 2020 GMT]
AH02568: Certificate and private key www.mark3technologies.com:443:0 configured from /home/ubuntu/www/sites/mark3technologies.com.crt and /home/ubuntu/www/sites/mark3technologies.com.key
AH01914: Configuring server www.mark3technologies.com:443 for SSL protocol
ssl_engine_init.c(1665): AH: Init: (www.mark3technologies.com:443) mod_md support is unavailable.
ssl_engine_init.c(1949): AH02209: CA certificate: CN=AlphaSSL CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE
ssl_engine_init.c(492): AH01893: Configuring TLS extension handling
ssl_util_ssl.c(470): AH02412: [www.mark3technologies.com:443] Cert matches for name 'www.mark3technologies.com' [subject: CN=www.mark3technologies.com,OU=Domain Control Validated / issuer: CN=AlphaSSL CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE / serial: 016DD49AA34CB94BA2610089 / notbefore: Oct 28 14:01:28 2019 GMT / notafter: Oct 28 14:01:28 2020 GMT]
AH02568: Certificate and private key www.mark3technologies.com:443:0 configured from /home/ubuntu/www/sites/mark3technologies.com.crt and /home/ubuntu/www/sites/mark3technologies.com.key
AH00163: Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1a configured -- resuming normal operations
AH00094: Command line: '/usr/sbin/apache2'

当我通过 HTTP 浏览网站时一切正常,但使用 HTTPS 时服务器没有响应,而且我根本没有收到任何错误。

防火墙:

$ sudo ufw status
WARN: Duplicate profile 'Apache', using last found
WARN: Duplicate profile 'Apache Secure', using last found
WARN: Duplicate profile 'Apache Full', using last found
Status: active

To                         Action      From
--                         ------      ----
443/tcp                    ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp (v6)               ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)

看起来我已经非常接近了;请问最后要克服的障碍是什么?

相关内容