如果我输入example.com
URL,它会重定向到https://www.example.com
,这很好,输入也是一样,http://example.com
我得到了正确的重定向到https://www.example.com
。
但是,如果我输入,https://example.com
它会带我到警告 SSL 证书无效页面。在检查了证书的域名后,我意识到它会带我到服务器上完全不同的网站(如果我直接在 URL 中输入我的 VPS IP 地址,就会出现同一个网站。)
这是我的配置文件:
<VirtualHost *:80>
ServerName example.com
Redirect permanent / https://www.example.com/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias *.example.com
ServerAdmin [email protected]
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Alias /static /home/user/example/static
<Directory /home/user/example/static>
Require all granted
</Directory>
<Directory /home/user/example/example>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIScriptAlias / /home/user/example/example/wsgi.py
WSGIDaemonProcess exsite python-path=/home/user/example python-home=/home/user/example/venv
WSGIProcessGroup exsite
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
RewriteRule ^ https://www.example.com%{REQUEST_URI} [R=301,L]
SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
答案1
这些都不涵盖example.com
,而是使用默认站点:
ServerName www.example.com
ServerAlias *.example.com
如果您的证书是的通配符证书example.com
,则可以将其添加到您的ServerAlias
:
ServerName www.example.com
ServerAlias example.com *.example.com
也可以通过添加另一个VirtualHost *:443
块来完全避免使用 mod_rewrite:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName www.example.com
#...
</VirtualHost>
<VirtualHost *:443>
ServerName example.com
ServerAlias *.example.com
Redirect permanent / https://www.example.com/
SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>