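Rails 3.1 app running with SSL - TLS Server Name Indication support error?

Time: 2011-08-26 15:14:36

Tags: ruby-on-rails-3.1 passenger osx-server

I have a simple Rails 3.1.rc6 app, and I'm trying to test the SSL configuration on my test server (OS X 10.7 Server). I'm using Phusion Passenger and Apache.

I can run the app without any problems when not using SSL. When I enable SSL, either through Apache or with config.force_ssl = true in the environments/production.rb file, the page loads without errors, but it is mostly empty rather than my site. It looks as though it is trying to serve files from an empty directory.

I checked the Edge Rails Documentation for configuring SSL, and it only mentions adding the config.force_ssl = true option, saying it will automatically use the Rack::SSL middleware.

When I load the page, I see: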

Index of /

    Name    Last modified   Size    Description

Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8r DAV/2 Phusion_Passenger/3.0.8 Server at mysite.mydomain.com Port 443

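If I remove the SSL configuration line from the Rails app and use the server tools to force the site to use SSL (choosing a self-signed certificate for testing), the same thing happens. What do I need to change to get it to serve the ... myapp/current/public folder, as it does when I have config.force_ssl = false?

Edit: more information. I see the following in /var/log/apache2/error_log: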

[Fri Aug 26 10:57:49 2011] [notice] caught SIGTERM, shutting down
[Fri Aug 26 10:57:50 2011] [warn] RSA server certificate CommonName (CN) `My-Mac-mini.local' does NOT match server name!?
...
[Fri Aug 26 10:57:50 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
httpd: Could not reliably determine the server's fully qualified domain name, using myserver.local for ServerName
[Fri Aug 26 10:57:50 2011] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Fri Aug 26 10:57:50 2011] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Fri Aug 26 10:57:50 2011] [warn] RSA server certificate CommonName (CN) `My-Mac-mini.local' does NOT match server name!?
...
[Fri Aug 26 10:57:50 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Aug 26 10:57:50 2011] [notice] Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8r DAV/2 Phusion_Passenger/3.0.8 configured -- resuming normal operations
cache: [GET /] miss

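1 answer:

Answer 0: (score: 0)

This looks like a configuration error with Lion Server. In the end, adding the line NameVirtualHost *:443 after the line NameVirtualHost *:80 in the file /etc/apache2/extra/httpd-vhosts.conf fixed it. I assumed the server would do that on its own if it hosted more than one SSL site, but it turns out it doesn't.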
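
Added example, not part of the original question or answer: a small Python check for the condition behind the "_default_ VirtualHost overlap on port 443, the first has precedence" warning, that is, an address:port with more than one <VirtualHost> block but no NameVirtualHost directive in Apache 2.2. The sample configuration is constructed; default.example and the /path/to/... document roots are placeholders, and find_overlaps is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Constructed sample of an Apache 2.2 vhosts file (placeholder names and paths).
SAMPLE_CONF = """\
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName mysite.mydomain.com
    DocumentRoot /path/to/myapp/current/public
</VirtualHost>
<VirtualHost *:443>
    ServerName default.example
    DocumentRoot /path/to/empty
    SSLEngine on
</VirtualHost>
<VirtualHost *:443>
    ServerName mysite.mydomain.com
    DocumentRoot /path/to/myapp/current/public
    SSLEngine on
</VirtualHost>
"""

def find_overlaps(conf_text):
    """Map each address:port that has several <VirtualHost> blocks but no
    NameVirtualHost directive to the ServerNames declared on it, in file order.
    On such a port Apache 2.2 answers every request from the first block."""
    named, vhosts, current = set(), defaultdict(list), None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        if m := re.match(r"NameVirtualHost\s+(\S+)", line, re.I):
            named.add(m.group(1))
        elif m := re.match(r"<VirtualHost\s+([^>]+)>", line, re.I):
            current = {"addrs": m.group(1).split(), "name": "(no ServerName)"}
        elif current and (m := re.match(r"ServerName\s+(\S+)", line, re.I)):
            current["name"] = m.group(1)
        elif current and re.match(r"</VirtualHost>", line, re.I):
            for addr in current["addrs"]:
                vhosts[addr].append(current["name"])
            current = None
    return {a: n for a, n in vhosts.items() if len(n) > 1 and a not in named}

if __name__ == "__main__":
    for addr, names in find_overlaps(SAMPLE_CONF).items():
        print(f"{addr}: no NameVirtualHost; '{names[0]}' shadows {names[1:]}")
```

Run against the sample, it reports *:443 with default.example shadowing mysite.mydomain.com; once NameVirtualHost *:443 is present, nothing is reported.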