OSX本地SSL不受尊重?

时间:2011-06-10 13:57:38

标签: cakephp ssl apache2 cakephp-1.3

我显然遗漏了一些东西,可能是显而易见的东西,但我只是没有看到它。我在我的MBP上配置了自签名证书(通过Macports运行Apache)。它是*.local的通配符证书,我为我正在处理的站点配置了一个命名虚拟主机,但当我尝试通过https访问它时,PHP的$_SERVER变量表明SSL访问没有得到承认/尊重。即使我正在访问https://mynamedhost.localPORT密钥也会报告端口80,并且不存在HTTPS密钥。

这是一个CakePHP网站,因此缺少HTTPS密钥会阻止RequestHandler::isSSL()报告为真。任何见解都会非常感激。

这是我的httpd设置输出:

$ httpd -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443                  is a NameVirtualHost
     default server www.example.com (/opt/local/apache2/conf/extra/httpd-ssl.conf:74)
     port 443 namevhost www.example.com (/opt/local/apache2/conf/extra/httpd-ssl.conf:74)
     port 443 namevhost mynamedhost.local (/Users/rob/Library/Application Support/MacPorts/apache/conf.d/mynamedhost.conf:17)
*:80                   is a NameVirtualHost
     default server localhost (/Users/rob/Dropbox/Application Support/apache/conf.d.osx/_localhost.conf:1)
     port 80 namevhost localhost (/Users/rob/Dropbox/Application Support/apache/conf.d.osx/_localhost.conf:1)
     port 80 namevhost mynamedhost.local (/Users/rob/Library/Application Support/MacPorts/apache/conf.d/mynamedhost.conf:1)
Syntax OK

我的namedhost虚拟主机定义如下所示:

<VirtualHost *:80>
  ServerName   mynamedhost.local
  DocumentRoot /var/www/mynamedhost/app/webroot

  ErrorLog     /var/www/.logs/mynamedhost_error_log
  CustomLog    /var/www/.logs/mynamedhost_access_log common

  <Directory /var/www/mynamedhost/app/webroot>
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    Allow from all
  </Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerName    namedhost.local
  DocumentRoot  /var/www/mynamedhost/app/webroot

  ErrorLog     /var/www/.logs/mynamedhost_error_log
  CustomLog    /var/www/.logs/mynamedhost_access_log common

  <Directory /var/www/mynamedhost/app/webroot>
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    Allow from all
  </Directory>
</VirtualHost>

1 个答案:

答案 0 :(得分:0)

知道了。在Macports extras/httpd-ssl.conf文件中,已启用SSL引擎并定义了证书文件。我认为这会流向自定义虚拟主机,但我错了。在云雀中,我决定将以下内容放入*:443虚拟主机定义:

SSLEngine on
SSLCertificateFile "/opt/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/local/apache2/conf/server.key"

现在一切似乎都按预期工作了。我仍然认为我的配置中有一些时髦的东西,但现在必须要好了。对于在家玩的任何人,修改后的虚拟主机配置看起来像这样(如上所示的*:80配置没有改变):

<VirtualHost *:443>
  ServerName    mynamedhost.local
  DocumentRoot  /var/www/mynamedhost/app/webroot

  ErrorLog     /var/www/.logs/mynamedhost_error_log
  CustomLog    /var/www/.logs/mynamedhost_access_log common

  SSLEngine on
  SSLCertificateFile "/opt/local/apache2/conf/server.crt"
  SSLCertificateKeyFile "/opt/local/apache2/conf/server.key"

  <Directory /var/www/mynamedhost/app/webroot>
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    Allow from all
  </Directory>
</VirtualHost>
相关问题
最新问题