我在Apache 3的堆栈上部署了一个应用程序,用于ElasticBeanstalk。
DNS是通过Cloudflare处理的,因为我使用的是SSL证书。我的单页规则为http://*.example.com/$
Always use HTTPS。
我有一个https-instance配置文件:
packages:
yum:
mod24_ssl : []
files:
/etc/httpd/conf.d/ssl.conf:
mode: "000644"
owner: root
group: root
content: |
LoadModule wsgi_module modules/mod_wsgi.so
WSGIPythonHome /opt/python/run/baselinenv
WSGISocketPrefix run/wsgi
WSGIRestrictEmbedded On
Listen 443
<VirtualHost *:443>
ServerName www.example.com
SSLEngine on
SSLCertificateFile "/etc/pki/tls/certs/server.crt"
SSLCertificateKeyFile "/etc/pki/tls/certs/server.key"
Alias /static/ /opt/python/current/app/example/static/
<Directory /opt/python/current/app/example/static>
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias / /opt/python/current/app/application.py
<Directory /opt/python/current/app>
Require all granted
</Directory>
WSGIDaemonProcess wsgi-ssl processes=1 threads=15 display-name=%{GROUP} \
python-path=/opt/python/current/app:/opt/python/run/venv/lib/python3.4/site-packages:/opt/python/run/venv/lib64/python3.4/site-packages \
home=/opt/python/current/app \
user=wsgi \
group=wsgi
WSGIProcessGroup wsgi-ssl
</VirtualHost>
/etc/pki/tls/certs/server.crt:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN CERTIFICATE-----
stuff
-----END CERTIFICATE-----
/etc/pki/tls/certs/server.key:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN RSA PRIVATE KEY-----
stuff
-----END RSA PRIVATE KEY-----
container_commands:
01killhttpd:
command: "killall httpd"
02waitforhttpddeath:
command: "sleep 3"
SSL有效。我可以在Route53中进行DNS重定向,但之后它不再允许我使用Cloudflare证书了。
我已经尝试过查看这样的资源:https://support.cloudflare.com/hc/en-us/articles/200172286-How-do-I-perform-URL-forwarding-or-redirects-with-Cloudflare-但对我来说不是很清楚......
我希望example.com和example.com之后的任何路径永久重定向到https://www.example.com/ {path}。我希望http://www.example.com以及随后的任何路径重定向到https://www.example.com/ {path}。