Apache virtualhost根目录、www和子域设置,包括http到https
我被卡住了。如果你能帮忙,我将不胜感激 AWS EC2 Ubuntu上的两个网站(wordpress和另一个php工具) 18.04实例运行灯组 我的目的是实现:Apache virtualhost根目录、www和子域设置,包括http到https,apache,.htaccess,ssl,virtualhost,lets-encrypt,Apache,.htaccess,Ssl,Virtualhost,Lets Encrypt,我被卡住了。如果你能帮忙,我将不胜感激 AWS EC2 Ubuntu上的两个网站(wordpress和另一个php工具) 18.04实例运行灯组 我的目的是实现: http://www.example.com http://example.com https://www.example.com 收件人:https://example.com 及 http://app.example.com 收件人:https://app.example.com 我已经按预期配置了virtualhost并
http://www.example.com
http://example.com
https://www.example.com
https://example.com
及
http://app.example.com
https://app.example.com
我已经按预期配置了virtualhost并开始工作,然后通过letsencrypt创建了https证书,该证书设置了HTTP到https的重定向…但是…出现了一些问题:
HTTP全部重定向到HTTPS
https://app.example.com
解析为预期网站-网站1
https://example.com
不解析到网站2-它解析到网站1-注意它没有重定向到应用程序。但在https://example.com
我有两个virtualhost conf文件,每个站点一个。两个站点都包含80和443配置,如下所示
SSL证书的通用名称为example.com,并列出了app.example.com
、www.example.com
和example.com
的备选名称
DNS将example.comA
连接到服务器IP,www.
和app.
是CNAME
连接到example.com
app.example.com.conf-网站1
<VirtualHost *:80>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1/
ServerName example.com
ServerAlias app.example.com
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteCond %{SERVER_NAME} =app.example.com [OR]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jimmy@example.com
DocumentRoot /var/www/website1
ServerName example.com
ServerAlias app.example.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website1/>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
服务器管理员jimmy@example.com
DocumentRoot/var/www/website1/
ServerName example.com
ServerAlias app.example.com
选项如下符号链接
允许超越所有
要求所有授权
ErrorLog${APACHE_LOG_DIR}/error.LOG
CustomLog${APACHE\u LOG\u DIR}/access.LOG组合
重新启动发动机
RewriteCond%{SERVER_NAME}=app.example.com[或]
重写规则^https://%{SERVER_NAME}%{REQUEST_URI}[END,NE,R=permanent]
服务器管理员jimmy@example.com
DocumentRoot/var/www/website1
ServerName example.com
ServerAlias app.example.com
ErrorLog${APACHE_LOG_DIR}/error.LOG
CustomLog${APACHE\u LOG\u DIR}/access.LOG组合
选项如下符号链接
允许超越所有
要求所有授权
Include/etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile/etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile/etc/letsencrypt/live/example.com/privkey.pem
example.com.conf-网站2
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:80>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.example.com [OR]
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot /var/www/website2
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/website2/>
AllowOverride All
</Directory>
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
</IfModule>
服务器管理员jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot/var/www/website2
ErrorLog${APACHE_LOG_DIR}/error.LOG
CustomLog${APACHE\u LOG\u DIR}/access.LOG组合
允许超越所有
重新启动发动机
RewriteCond%{SERVER_NAME}=example.com
重写规则^https://%{SERVER_NAME}%{REQUEST_URI}[END,NE,R=permanent]
服务器管理员jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot/var/www/website2
ErrorLog${APACHE_LOG_DIR}/error.LOG
CustomLog${APACHE\u LOG\u DIR}/access.LOG组合
允许超越所有
重新启动发动机
RewriteCond%{SERVER_NAME}=www.example.com[或]
RewriteCond%{SERVER_NAME}=example.com
重写规则^https://%{SERVER_NAME}%{REQUEST_URI}[END,NE,R=permanent]
服务器管理员jim@example.com
ServerName example.com
ServerAlias example.com
DocumentRoot/var/www/website2
ErrorLog${APACHE_LOG_DIR}/error.LOG
CustomLog${APACHE\u LOG\u DIR}/access.LOG组合
允许超越所有
Include/etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile/etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile/etc/letsencrypt/live/example.com/privkey.pem
服务器管理员jim@example.com
ServerName example.com
ServerAlias www.example.com
DocumentRoot/var/www/website2
ErrorLog${APACHE_LOG_DIR}/error.LOG
CustomLog${APACHE\u LOG\u DIR}/access.LOG组合
允许超越所有
Include/etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile/etc/letsencrypt/live/example.com/fullchain.pem
SSLCertificateKeyFile/etc/letsencrypt/live/example.com/privkey.pem
我真的非常感谢任何帮助,建议和任何其他想法
https://example.com
不解析到网站2-它解析到网站1-注意它没有重定向到应用程序。但在https://example.com
是的,因为您的所有vhost都将example.com
定义为ServerName
,我希望website1首先出现在配置中
对于app.example.com.conf(网站1),您应该设置ServerName app.example.com
,并删除vhost:80和vhost:443容器的ServerAlias
指令
vhost:80容器中的HTTP到HTTPS重定向:
可以简化为单个mod_别名重定向
指令:
Redirect 301 / https://app.example.com/
对于example.com.conf(网站2),您复制了vhost:80和vhost:443容器,并在每个容器中定义了相同的ServerName example.com
——这是一个错误。完全有可能有4个这样的容器(并使用mod_aliasRedirect
指令),但您需要为每个vHost提供唯一的ServerName
指令,并减少重复
从您的角度来看,最简单的方法可能只是删除第二个(重复的)vhost:80和vhost:443容器,并在保留的vhost:80和vhost:443容器中设置以下内容
ServerName example.com
ServerAlias www.example.com
然后,我通过设置HTTP到https重定向的letsencrypt创建了https证书
使用LetsEncrypt创建SSL证书不应具有“设置HTTP到HTTPS重定向”对于“网站2”,您没有规范化非www或www子域-这是有意的吗?非常感谢@MrWhite,谢谢。关于LetsEncryt设置http->https重定向的要点,它添加了以下部分:
RewriteCond%{SERVER\u NAME}=app.example.com[OR]RewriteRule^https://%{SERVER\u NAME}%{REQUEST\u URI}[END,NE,R=permanent]
…所有
ServerName example.com
ServerAlias www.example.com