如何使用相同的SSL证书配置多个<virtualhost> - Apache

时间:2017-03-03 13:34:52

标签: apache ssl

上下文:

我有一个域:example.com,但我想创建一个像api.example.com这样的域来像网络服务一样使用它。

昨晚,我使用让我们加密获得免费的SSL证书。

我的网域example.com应该会在/var/www/website/中打开内容。

我的网域api.example.com应该会在/var/www/api/中打开内容。

我在互联网上寻找一些信息,并且我已经在/etc/apache2/sites-available/

中创建了这些文件

/etc/apache2/sites-available/example.com 

<VirtualHost *:80>

    ServerName  example.com
    DocumentRoot    /var/www/website/

    LogLevel debug
    ErrorLog ${APACHE_LOG_DIR}/example.com/error.log

        <Directory "/var/www/website/">
                Options FollowSymLinks
                AllowOverride None
        </Directory>

</VirtualHost>

<VirtualHost *:443>

    ServerName  example.com
    DocumentRoot    /var/www/website/

    LogLevel debug
    ErrorLog ${APACHE_LOG_DIR}/example.com/error_ssl.log

    SSLEngine on
    SSLCertificateKeyFile   /etc/apache2/ssl/example.com/privkey.pem
    SSLCertificateFile      /etc/apache2/ssl/example.com/cert.pem
    SSLCertificateChainFile /etc/apache2/ssl/example.com/chain.pem

        <Directory "/var/www/website/">
                Options FollowSymLinks
                AllowOverride None
        </Directory>

</VirtualHost>

/etc/apache2/sites-available/api.example.com 

<VirtualHost *:80>

    ServerName  api.example.com
    DocumentRoot    /var/www/api/

    #RewriteEngine On
    #RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

        <Directory "/var/www/api/">
                Options FollowSymLinks
                AllowOverride None
        </Directory>

</VirtualHost>

<VirtualHost *:443>

    ServerName  api.example.com
    DocumentRoot    /var/www/api/

    LogLevel warn
    ErrorLog ${APACHE_LOG_DIR}/error.log

    SSLEngine on
    SSLCertificateKeyFile   /etc/apache2/ssl/example.com/privkey.pem
    SSLCertificateFile      /etc/apache2/ssl/example.com/cert.pem
    SSLCertificateChainFile /etc/apache2/ssl/example.com/chain.pem

        <Directory "/var/www/api/">
                Options FollowSymLinks
                AllowOverride None
        </Directory>

</VirtualHost>

我已创建了两个文件,因为我虽然需要将域名分开,但当我尝试输入example.com时,我已获得api.example.com中的内容。

使用让我们加密,我已为这两个域创建了相同的SSL证书,该文件位于/etc/apache2/ssl/example.com/

1 个答案:

答案 0 :(得分:0)

我找到了解决方案!

我已编辑了httpd.confports.conf

/etc/apache2/ports.conf 

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default
# This is also true if you have upgraded from before 2.2.9-3 (i.e. from
# Debian etch). See /usr/share/doc/apache2.2-common/NEWS.Debian.gz and
# README.Debian.gz

NameVirtualHost *:80
Listen 80

NameVirtualHost *:443

<IfModule mod_ssl.c>
    # If you add NameVirtualHost *:443 here, you will also have to change
    # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
    # to <VirtualHost *:443>
    # Server Name Indication for SSL named virtual hosts is currently not
    # supported by MSIE on Windows XP.
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

/etc/apache2/httpd.conf 

SSLStrictSNIVHostCheck on

现在我可以使用域名进行网站和网络服务

相关问题
最新问题