MAMP 2使用SSL的多个VirtualHost

时间:2012-06-26 23:49:12

标签: ssl mamp vhosts

我目前在配置MAMP 2以将SSL与多个虚拟主机一起使用时遇到了麻烦(它与一个工作正常)。就我而言,它只会为https-ssl.conf文件中列出的第一个虚拟主机提供SSL连接。

在我的httpd-vhosts.conf文件中,我有几个vhosts设置如:

<VirtualHost *:80> 
    DocumentRoot "/Users/me/sites/something/" 
    ServerName something.local 
</VirtualHost>
<VirtualHost *:80> 
    DocumentRoot "/Users/me/sites/else/" 
    ServerName else.local 
</VirtualHost>

在我的https-ssl.conf文件中,我有几个vhosts设置如:

<VirtualHost *:443>
    DocumentRoot "/Users/me/sites/something"
    ServerName something.local:443
    ServerAdmin you@example.com
    ErrorLog "/Applications/MAMP/Library/logs/error_log"
    TransferLog "/Applications/MAMP/Library/logs/access_log"

    SSLEngine on

    #   SSL Cipher Suite:
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    #   Server Certificate:
    SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
    #SSLCertificateFile "/Applications/MAMP/conf/apache/server-dsa.crt"

    #   Server Private Key:
    SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
    #SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server-dsa.key"

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/Applications/MAMP/Library/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>

    #   SSL Protocol Adjustments:
    BrowserMatch ".*MSIE.*" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

    #   Per-Server Logging:
    CustomLog "/Applications/MAMP/Library/logs/ssl_request_log" \
                  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>  
<VirtualHost *:443>
    DocumentRoot "/Users/me/sites/else"
    ServerName else.local:443
    ServerAdmin you@example.com
    ErrorLog "/Applications/MAMP/Library/logs/error_log"
    TransferLog "/Applications/MAMP/Library/logs/access_log"


    ........add'l config deleted......
</VirtualHost>

https -ssl.conf中列出的第一个vhost始终可以提供SSL支持,但不能在其后面列出任何内容(https://something.local可以工作,但不能https://else.local

任何帮助将不胜感激!

3 个答案:

答案 0 :(得分:5)

每个IP只能有一个HTTPS主机 - 这是HTTPS的限制。请尝试使用<VirtualHost ip.ad.dr.es:443>获取不同的IP,以便在每个IP上获取HTTPS主机。

答案 1 :(得分:2)

原始问题中的changepass = UserProfile.objects.get(user=request.user) 文件关闭但不完全存在...

为了让Apache能够通过SSL识别不同的虚拟主机,您需要使用 NameVirtualHost 并关闭“Strict SNI”。基本上,您需要在.conf文件的顶部添加以下内容:

httpd-ssl.conf

然后确保使用以下标记声明每个vhost节点:

# Ensure that Apache listens on port 443
Listen 443

# Listen for virtual host requests on all IP addresses
NameVirtualHost *:443

# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off

注意:您使用的浏览器也需要支持SNI。

所有这些都来自Apache docs中的这个页面: https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

答案 2 :(得分:0)

如果包含httpd-vhost.confhttpd.conf

,请在NameVirtualHost *:80 NameVirtualHost *:443 上试用 
{{1}}

由于

相关问题
最新问题