Apache 不会强制将 https://domain 改为 https://www.domain(重写不起作用)

Apache 不会强制将 https://domain 改为 https://www.domain(重写不起作用)

设置 Apache 2.4 和 Wordpress 后,我收到以下 SSL 错误消息:

$ wget "https://example.com"
Resolving example.com (example.com)... 192.168.15.5
Connecting to example.com (example.com)|192.168.15.5|:443... connected.
ERROR: no certificate subject alternative name matches
requested host name ‘ example.com’.
To connect to example.com insecurely, use `--no-check-certificate'.

为了使域名与我的 SSL 证书 ( www.example.com) 匹配,我尝试调整网站配置以重定向https://example.comhttps://www.example.com但它不起作用:http 到 https 的重定向按预期运行,但 naked-domain 到 www-domain 却没有。

这是我的站点配置:

<VirtualHost *:80>
        ServerName example.com
        ServerAlias www.example.com
        Redirect permanent / https://www.example.com/
</VirtualHost>
                                                                                                  
<IfModule mod_ssl.c>
        <VirtualHost _default_:443>
            ServerName www.example.com

            Protocols h2 http/1.1

            ServerAdmin webmaster@localhost
            DocumentRoot /var/www/html
            DirectoryIndex index.php

            RewriteEngine on            #### Doesn’t work at all ####
            RewriteCond %{HTTP_HOST} ^example\.com [NC]
            RewriteRule ^/(.*) https://www.example.com/$1 [L,R=301]


            ErrorLog ${APACHE_LOG_DIR}/error.log
            CustomLog ${APACHE_LOG_DIR}/access.log combined

            # SSL with Letsencrypt                                                                                                                Include /etc/letsencrypt/options-ssl-apache.conf
            SSLEngine on
            SSLCertificateFile      /etc/letsencrypt/live/www.example.com/fullchain.pem
            SSLCertificateKeyFile /etc/letsencrypt/live/www.example.com/privkey.pem
                                                                             
    </VirtualHost>
</IfModule>

该网站本身运行良好,并且.htaccess仅包含由 Wordpress 创建的行。

任何意见都值得赞赏。

答案1

您仍需要有效的证书http://example.com。重定向发生建立了有效的 TLS 连接。

获取SAN 字段中的example.com证书。www.example.com

相关内容