问题: 如何将 1 个 OpenSSL 证书应用于位于 html 目录中的所有网站?
问题:当访问https://localhost.site1.com或https://localhost.site2.com仅显示index.html位于时,/var/www/html/index.html因为default-ssl.conf文档根目录是 /var/www/html/
我有 2 个 wordpress 多站点 (和其他站点),位于/var/www/html/:
/var/www/html/site1.com
和
/var/www/html/site2.com
在我的default-ssl.conf我有:
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin [email protected]
ServerName localhost
ServerAlias localhost
DocumentRoot /var/www/html/
ErrorLog ${APACHE_LOG_DIR}/localhost.error.log
CustomLog ${APACHE_LOG_DIR}/localhost.access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
DirectoryIndex index.php
AllowOverride All
Order allow,deny
Allow from all
Require all granted
</Directory>
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
在我的/etc/hosts档案中我有:
127.0.1.1 excalibur
127.0.0.1 localhost
127.0.0.1 localhost.site1.com *.localhost.site1.com # mainsite url
127.0.0.1 subsite-a.localhost.site1.com
127.0.0.1 subsite-b.localhost.site1.com
127.0.0.1 subsite-c.localhost.site1.com
127.0.0.1 localhost.site2.com *.localhost.site2.com # mainsite url
site1.com 的虚拟主机包含:
<VirtualHost *:80>
ServerName localhost.site1.com
ServerAlias www.localhost.site1.com
# If this is the default configuration file we can use: 'ServerName localhost' or also 'ServerAlias localhost'.
ServerAdmin [email protected]
ErrorLog ${APACHE_LOG_DIR}/localhost.site1.com.error.log
CustomLog ${APACHE_LOG_DIR}/localhost.site1.com.access.log combined
DocumentRoot /var/www/html/site1.com
<Directory /var/www/html/site1.com>
Options None FollowSymLinks
# Enable .htaccess Overrides:
AllowOverride All
DirectoryIndex index.php
Order allow,deny
Allow from all
Require all granted
</Directory>
<Directory /var/www/html/site1.com/wp-content>
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
</VirtualHost>
site2.com 的 vhost 包含:
<VirtualHost *:80>
ServerName localhost.site2.com
ServerAlias www.localhost.site2.com
# If this is the default configuration file we can use: 'ServerName localhost' or also 'ServerAlias localhost'.
ServerAdmin [email protected]
ErrorLog ${APACHE_LOG_DIR}/localhost.site2.com.error.log
CustomLog ${APACHE_LOG_DIR}/localhost.site2.com.access.log combined
DocumentRoot /var/www/html/site2.com
<Directory /var/www/html/site2.com>
Options None FollowSymLinks
# Enable .htaccess Overrides:
AllowOverride All
DirectoryIndex index.php
Order allow,deny
Allow from all
Require all granted
</Directory>
<Directory /var/www/html/site2.com/wp-content>
Options FollowSymLinks
Order allow,deny
Allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
</VirtualHost>
有小费吗?
答案1
您的虚拟主机正在监听端口 80,而 HTTPS 连接使用端口 443。为此,您将获得默认 SSL 配置中的内容,因为这是端口 443 的唯一配置。
VirtualHost将您的定义更改为<VirtualHost *:443>可能会解决问题。