Apache2.4正在搞乱SSL证书
我有以下带有两个SSL证书的虚拟主机配置 对于域*.example.com和*.dev.example.com:Apache2.4正在搞乱SSL证书,apache,apache2,apache2.4,Apache,Apache2,Apache2.4,我有以下带有两个SSL证书的虚拟主机配置 对于域*.example.com和*.dev.example.com: <VirtualHost *:443> ServerName site.example.com SSLEngine on SSLProxyEngine on SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLCertificateFile /etc/apa
<VirtualHost *:443>
ServerName site.example.com
SSLEngine on
SSLProxyEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /etc/apache2/ssl/certs/example.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/example.key
ProxyPreserveHost on
ProxyPass / http://192.168.1.101:8073/
ProxyPassReverse / http://192.168.1.101:8073/
</VirtualHost>
<VirtualHost *:443>
ServerName site.dev.example.com
SSLEngine on
SSLProxyEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /etc/apache2/ssl/certs/dev_example.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/dev_example.key
ProxyPreserveHost on
ProxyPass / http://192.168.1.102:8073/
ProxyPassReverse / http://192.168.1.102:8073/
</VirtualHost>
<VirtualHost *:443>
ServerAlias *.dev.example.com
SSLEngine on
SSLProxyEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /etc/apache2/ssl/certs/dev_example.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/dev_example.key
<Proxy balancer://devcluster>
BalancerMember http://192.168.1.201:8182
BalancerMember http://192.168.1.202:8182
</Proxy>
ProxyPass / balancer://devcluster/
ProxyPassReverse / balancer://devcluster/
</VirtualHost>
<VirtualHost *:443>
ServerAlias *.example.com
SSLEngine on
SSLProxyEngine on
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
SSLCertificateFile /etc/apache2/ssl/certs/example.crt
SSLCertificateKeyFile /etc/apache2/ssl/private/example.key
<Proxy balancer://mycluster>
BalancerMember http://192.168.1.203:8182
BalancerMember http://192.168.1.204:8182
</Proxy>
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/
</VirtualHost>
ServerName site.example.com
斯伦金安
SSLProxyEngine打开
SSLOptions+FakeBasicAuth+ExportCertData+StrictRequire
SSLCertificateFile/etc/apache2/ssl/certs/example.crt
SSLCertificateKeyFile/etc/apache2/ssl/private/example.key
代理主机
ProxyPass/http://192.168.1.101:8073/
ProxyPassReverse/http://192.168.1.101:8073/
ServerName site.dev.example.com
斯伦金安
SSLProxyEngine打开
SSLOptions+FakeBasicAuth+ExportCertData+StrictRequire
SSLCertificateFile/etc/apache2/ssl/certs/dev_example.crt
SSLCertificateKeyFile/etc/apache2/ssl/private/dev_example.key
代理主机
ProxyPass/http://192.168.1.102:8073/
ProxyPassReverse/http://192.168.1.102:8073/
ServerAlias*.dev.example.com
斯伦金安
SSLProxyEngine打开
SSLOptions+FakeBasicAuth+ExportCertData+StrictRequire
SSLCertificateFile/etc/apache2/ssl/certs/dev_example.crt
SSLCertificateKeyFile/etc/apache2/ssl/private/dev_example.key
平衡员http://192.168.1.201:8182
平衡员http://192.168.1.202:8182
ProxyPass/balancer://devcluster/
ProxyPassReverse/balancer://devcluster/
ServerAlias*.example.com
斯伦金安
SSLProxyEngine打开
SSLOptions+FakeBasicAuth+ExportCertData+StrictRequire
SSLCertificateFile/etc/apache2/ssl/certs/example.crt
SSLCertificateKeyFile/etc/apache2/ssl/private/example.key
平衡员http://192.168.1.203:8182
平衡员http://192.168.1.204:8182
ProxyPass/balancer://mycluster/
ProxyPassReverse/balancer://mycluster/
访问网站时,我会得到以下信息:
是Apache故障还是我的配置有问题?您需要为每个SSL虚拟主机选择一个唯一的服务器名,即使您希望服务器别名代表您需要的内容。mod_ssl使用服务器名作为SNI的密钥。您需要为每个ssl虚拟主机选择一个唯一的服务器名,即使您希望服务器别名代表您所需的内容。mod_ssl使用服务器名作为SNI的密钥。您仍然可以使用服务器别名,但不能使用Omi servername或dup。您仍然可以使用服务器别名,但不能使用Omi servername或dup