我在Apache 2.4网络服务器上运行两个网站。它被配置为NameBaseVhost,并且都有自己的Godaddy发布的通配符ssl证书(* .site1.com和* .site2.com)。 一切都很好。当我通过它的子网站www.site1.com和www.site2.com访问网站时,它运行正常。 Apache有一个重写规则将http重定向到https,因此两个网站都完全重定向。
现在的问题是当我将根域重定向到www时,对于site2.com,它给了我错误。
Error code: ssl_error_bad_cert_domain
site2.com uses an invalid security certificate.
The certificate is only valid for the following names:
*.site1.com, site1.com
site1.com的Httpd配置
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R]
# Redirect root domain to www
RewriteCond %{HTTP_HOST} ^site1\.com$ [NC]
RewriteRule ^(.*)$ https://www.site1.com/$1 [R=301,L]
<VirtualHost *:443>
ServerName www.site1.com
DocumentRoot /var/www/html/site1/public/
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/site1/site1.crt
SSLCertificateKeyFile /etc/pki/tls/private/site1/site1.key
SSLCertificateChainFile /etc/pki/tls/certs/site1/gd_site1.crt
Header always set Strict-Transport-Security "max-age=31536000;
</VirtualHost>
site2.com的Httpd配置
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R]
# Redirect root domain to www
RewriteCond %{HTTP_HOST} ^site2\.com$ [NC]
RewriteRule ^(.*)$ https://www.site2.com/$1 [R=301,L]
<VirtualHost *:443>
ServerName www.site2.com
DocumentRoot /var/www/html/site2/public/
SSLEngine On
SSLCertificateFile /etc/pki/tls/certs/site2/site2.crt
SSLCertificateKeyFile /etc/pki/tls/private/site2/site2.key
SSLCertificateChainFile /etc/pki/tls/certs/site2/gd_site2.crt
Header always set Strict-Transport-Security "max-age=31536000;
</VirtualHost>
如何解决此问题?
答案 0 :(得分:0)
您显然获得了https://site2.com的site1&#39}证书。这意味着你要击中第一个虚拟主机,而不是第二个虚拟主机。
您只需要在第二个虚拟主机中ServerAlias site2.com。它目前只处理www.site2.com,因此第一个列出的虚拟主机(隐含地是全能)在重定向之前用于证书。