我们有3个域指向一个IP。 其中2个域名(app.fr,app.com)需要通过SSL认证。 我们有子域名,我们的证书也支持子域名。
app.fr有子域名admin.app.fr - 在https下加载正常 app.com也有一个子域名admin1.app.com - 这不是加载https 给出了波纹管错误
This server could not prove that it is admin.app.com;
its security certificate is from "*.app.fr". This may be caused by a
misconfiguration or an attacker intercepting your connection.
when I put the app.com vhost 1st and app.fr bellow.
admin1.app.com loads fine
admin.app.fr gives error on load
此服务器无法证明它是admin1.app.fr; 其安全证书来自“* .app.com”。这可能是由a引起的 错误配置或攻击者拦截您的连接。
它将第一个vhost证书作为默认值 - 我猜
任何人都可以帮我解决问题,
Bellow是我的http.conf
<VirtualHost ip:80>
DocumentRoot /app/
ServerAlias *.app.fr
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(.+)\.app\.fr$ [NC]
RewriteCond %{HTTP_HOST} !=www.app.fr
RewriteRule (.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>
<VirtualHost ip:80>
DocumentRoot /app/
ServerAlias *.app.com
RewriteEngine on
RewriteCond %{HTTP_HOST} ^(.+)\.app\.com$ [NC]
RewriteCond %{HTTP_HOST} !=www.app.com
RewriteRule (.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>
<VirtualHost ip:443>
DocumentRoot /app/
ServerAlias *.app.fr
SSLEngine on
SSLCertificateFile /certificate.crt
SSLCertificateKeyFile /fr_server.key
SSLCertificateChainFile /SSLCA2.pem
</VirtualHost>
#SSL app.com
<VirtualHost ip:443>
DocumentRoot /app/
ServerAlias *.app.com
SSLEngine on
SSLCertificateFile /certificate1.crt
SSLCertificateKeyFile /com_server.key
SSLCertificateChainFile /SSLCA2.pem
</VirtualHost>
答案 0 :(得分:0)
您需要生成SAN证书。