什么时候不同类型的SSL证书很重要?

时间:2015-02-13 11:10:18

标签: security ssl ssl-certificate

我的网站是GoDaddy的通配符SSL证书。

我的客户是欧洲的主要银行之一。从他们的网络内部,他们无法访问我的网站https://www.example.com他们收到错误。但是,如果他们转到http://www.example.com,他们就可以访问它。

(我将我的网站设置为接受http和https来测试)。

因为他们可以访问http://www.example.com,我认为这不是DNS问题或其代理服务器的问题。

它是否与GoDaddy的通配符SSL证书有关?

我注意到还有标准的SSL证书(不是通配符),以及SSL OV和SSL EV证书。这会有所作为吗?

这是网络服务器配置

<VirtualHost *:80>
    ServerName www.example.com
    ServerAlias example.com

    ProxyPass         / http://localhost:8092/
    ProxyPassReverse  / http://localhost:8092/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    LogLevel info

</VirtualHost>
<VirtualHost *:443>
    ServerName www.example.com
    ServerAlias example.com

    ProxyPass         / http://localhost:8092/
    ProxyPassReverse  / http://localhost:8092/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine on

    #   A self-signed (snakeoil) certificate can be created by installing
    #   the ssl-cert package. See
    #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
    #   If both key and certificate are stored in the same file, only the
    #   SSLCertificateFile directive is needed.
    SSLCertificateFile    /etc/ssl/certs/example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/example.key

    #   Server Certificate Chain:
    #   Point SSLCertificateChainFile at a file containing the
    #   concatenation of PEM encoded CA certificates which form the
    #   certificate chain for the server certificate. Alternatively
    #   the referenced file can be the same as SSLCertificateFile
    #   when the CA certificates are directly appended to the server
    #   certificate for convinience.
    SSLCertificateChainFile /etc/ssl/certs/gd_bundle.crt
</VirtualHost>

0 个答案:

没有答案