我想在子域
上设置我的SSL证书account.mydomain.com,所以我复制了apache2 LAMP设置附带的000-default-ssl.conf。
我将.bundle和.crt文件上传到/ var / www
我做了
sudo a2enmod ssl
并确认从apache2返回消息打开了mod重写。
当我访问
时,我的ssl仍然不起作用account.mydomain.com
它说我的权限未经验证,这是以前在namecheap托管中使用的,我得到了bundle和crt文件,并且在namecheap,设置更容易,因为在cpanel有一个选项,我只是让namecheap的人设置为我
现在我改为unmanage主机,所以我第一次尝试设置ssl有点困难。
下面是我的SSL文件,我做了a2ensite my-ssl.conf并进行了apache2重新加载
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost
ServerName account.bizdomain.com
DocumentRoot /var/www/biz/account
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateChainFile /var/www/account_wizassets_com.crt
SSLCACertificateFile /var/www/account_wizassets_com.ca-bundle
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
<Directory /var/www/biz/account>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
如果我列出我的文件
root@K8:/var/www# ls -l
total 20
-rw-r--r-- 1 root root 5624 May 4 14:17 account_bizdomain_com.ca-bundle
-rw-r--r-- 1 root root 1931 May 4 14:17 account_bizdomain_com.crt
drwxr-xr-x 2 root root 4096 Mar 24 12:09 html
drwxr-xr-x 3 root root 4096 May 4 22:19 biz
答案 0 :(得分:0)
您引用了错误的证书。它应该是
SSLCertificateFile /var/www/account_bizdomain_com.crt