Apache SSL无法正常工作

Question

• 基于debian的Linux上的Apache 2.2
• # a2enmod ssl && service apache2 restart
• 港口443根据SheildsUP关闭！扫描，但不是隐身模式
• Apache正在根据netstat -nutlp
侦听端口80和443
• 在端口80和端口443
上托管同一网站
• http://website.com有效，https://website.com不

我的虚拟主机设置如下：

<VirtualHost *:443>
    SSLEngine               On
    SSLCertificateKeyFile   SSL_DIR/ssl.key
    SSLCertificateFile      SSL_DIR/ssl.crt
</VirtualHost>

<VirtualHost *:80 *:443>
    ServerAdmin     webmaster@localhost
    ServerAlias     website.com *.website.com
    ServerName      www.website.com

    # Just a few connection resets so that I don't waste my bandwidth on "hackers"
    SecRuleEngine On
    SecRule &REQUEST_HEADERS:User-Agent     "@eq 0"         drop,phase:1
    SecRule REQUEST_HEADERS:User-Agent      "^$"            drop,phase:1

    SecRule REQUEST_LINE                    "://"           drop,phase:1

    SecRule REQUEST_URI                     "^/admin"       drop,phase:1
    SecRule REQUEST_URI                     "^/mail"        drop,phase:1
    SecRule REQUEST_URI                     "^/webmail"     drop,phase:1

    DocumentRoot /path/public_html
    <Directory /path/public_html/>
            Options FollowSymLinks MultiViews
            Order allow,deny
            allow from all
    </Directory>
</VirtualHost>

我在注册SSL证书时也收到了2 .pem个文件，但找不到任何关于如何使用它们的文件。

我的问题是，为什么SSL不能正常工作？它与.pem文件有关吗？

Answer 1

首先，你必须启用ssl

sudo a2enmod ssl

并且您必须包含您的pem文件（迷你示例）

<VirtualHost *:443>
        SSLEngine               On
        SSLCertificateKeyFile   SSL_DIR/ssl.key
        SSLCertificateFile      SSL_DIR/ssl.crt

        ServerAdmin     webmaster@localhost
        ServerAlias     website.com *.website.com
        ServerName      www.website.com

        # Just a few connection resets so that I don't waste my bandwidth on "hackers"
        SecRuleEngine On
        SecRule &REQUEST_HEADERS:User-Agent     "@eq 0"         drop,phase:1
        SecRule REQUEST_HEADERS:User-Agent      "^$"            drop,phase:1

        SecRule REQUEST_LINE                    "://"           drop,phase:1

        SecRule REQUEST_URI                     "^/admin"       drop,phase:1
        SecRule REQUEST_URI                     "^/mail"        drop,phase:1
        SecRule REQUEST_URI                     "^/webmail"     drop,phase:1

        DocumentRoot /path/public_html
        <Directory /path/public_html/>
                Options FollowSymLinks MultiViews
                Order allow,deny
                allow from all
        </Directory>
    </VirtualHost>

    <VirtualHost *:80>
        ServerAdmin     webmaster@localhost
        ServerAlias     website.com *.website.com
        ServerName      www.website.com

        # Just a few connection resets so that I don't waste my bandwidth on "hackers"
        SecRuleEngine On
        SecRule &REQUEST_HEADERS:User-Agent     "@eq 0"         drop,phase:1
        SecRule REQUEST_HEADERS:User-Agent      "^$"            drop,phase:1

        SecRule REQUEST_LINE                    "://"           drop,phase:1

        SecRule REQUEST_URI                     "^/admin"       drop,phase:1
        SecRule REQUEST_URI                     "^/mail"        drop,phase:1
        SecRule REQUEST_URI                     "^/webmail"     drop,phase:1

        DocumentRoot /path/public_html
        <Directory /path/public_html/>
                Options FollowSymLinks MultiViews
                Order allow,deny
                allow from all
        </Directory>
    </VirtualHost>