Apache 无法使用httpd-SSL.conf将SSL连接到Wamp服务器
在从DYNU.net购买SSL证书并创建csr供他们签名并向我发送证书之后 最后得到了3个文件 每个文件都是.CER文件而不是.CRT文件Apache 无法使用httpd-SSL.conf将SSL连接到Wamp服务器,apache,ssl,Apache,Ssl,在从DYNU.net购买SSL证书并创建csr供他们签名并向我发送证书之后 最后得到了3个文件 每个文件都是.CER文件而不是.CRT文件 domain.cer 中间层 inter2.cer 现在是时候配置WAMP服务器了。(3.1.9) 所以我转到httpd-ssl.conf文件并进行如下编辑 #SSLRandomSeed startup file:/dev/random 512 #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomS
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
Listen 443
#SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLCipherSuite HIGH:+MEDIUM:!SSLv2:!EXP:!ADH:!aNULL:!eNULL:!NULL
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
#SSLSessionCache "dbm:${SRVROOT}/logs/ssl_scache"
SSLSessionCache "shmcb:${SRVROOT}/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
#SSLUseStapling On
#SSLStaplingCache "shmcb:${SRVROOT}/logs/ssl_stapling(32768)"
#SSLStaplingStandardCacheTimeout 3600
#SSLStaplingErrorCacheTimeout 600
<VirtualHost _default_:443>
DocumentRoot "${SRVROOT}/htdocs"
ServerName localhost:443
ServerAdmin codelyfe@gmail.com
ErrorLog "${SRVROOT}/logs/error.log"
TransferLog "${SRVROOT}/logs/access.log"
SSLEngine on
SSLCertificateFile "${SRVROOT}/conf/domain.cer"
#SSLCertificateFile "${SRVROOT}/conf/server-dsa.crt"
#SSLCertificateFile "${SRVROOT}/conf/server-ecc.crt"
SSLCertificateKeyFile "${SRVROOT}/conf/private.key"
#SSLCertificateKeyFile "${SRVROOT}/conf/server-dsa.key"
#SSLCertificateKeyFile "${SRVROOT}/conf/server-ecc.key"
#SSLCertificateChainFile "${SRVROOT}/conf/server-ca.crt"
#SSLCACertificatePath "${SRVROOT}/conf/ssl.crt"
#SSLCACertificateFile "${SRVROOT}/conf/ssl.crt/ca-bundle.crt"
#SSLCARevocationPath "${SRVROOT}/conf/ssl.crl"
#SSLCARevocationFile "${SRVROOT}/conf/ssl.crl/ca-bundle.crl"
#SSLCARevocationCheck chain
#SSLVerifyClient require
#SSLVerifyDepth 10
#SSLSRPVerifierFile "${SRVROOT}/conf/passwd.srpv"
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "${SRVROOT}/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "${SRVROOT}/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
#SSLRandomSeed启动文件:/dev/random 512
#SSLRandomSeed启动文件:/dev/uradom 512
#SSLRandomSeed连接文件:/dev/random 512
#SSLRandomSeed连接文件:/dev/uradom 512
听我说
#SSLCipherSuite高:中:!MD5:!RC4:!3DES
SSLCipherSuite高:+中:!SSLv2:!经验:!ADH:!阿努尔:!埃努尔:!无效的
SSLProxyCipherSuite高:中:!MD5:!RC4:!3DES
SSLHonorCipherOrder开启
SSLProtocol all-SSLv3
SSLProxyProtocol all-SSLv3
SSLPassPhraseDialog内置
#SSLSessionCache“dbm:${SRVROOT}/logs/ssl_scache”
SSLSessionCache“shmcb:${SRVROOT}/logs/ssl_scache(512000)”
SSLSessionCacheTimeout 300
#SSLUS建立在
#SSLStaplingCache“shmcb:${SRVROOT}/logs/ssl_装订(32768)”
#SSLSTAPLINGS标准缓存超时3600
#SSLStaplingErrorCacheTimeout 600
DocumentRoot“${SRVROOT}/htdocs”
ServerName本地主机:443
服务器管理员codelyfe@gmail.com
ErrorLog“${SRVROOT}/logs/error.log”
TransferLog“${SRVROOT}/logs/access.log”
斯伦金安
SSLCertificateFile“${SRVROOT}/conf/domain.cer”
#SSLCertificateFile“${SRVROOT}/conf/server dsa.crt”
#SSLCertificateFile“${SRVROOT}/conf/server ecc.crt”
SSLCertificateKeyFile“${SRVROOT}/conf/private.key”
#SSLCertificateKeyFile“${SRVROOT}/conf/server dsa.key”
#SSLCertificateKeyFile“${SRVROOT}/conf/server ecc.key”
#SSLCertificateChainFile“${SRVROOT}/conf/server-ca.crt”
#SSLCACertificatePath“${SRVROOT}/conf/ssl.crt”
#SSLCACertificateFile“${SRVROOT}/conf/ssl.crt/ca bundle.crt”
#sslcaverocationpath“${SRVROOT}/conf/ssl.crl”
#sslcaverocationfile“${SRVROOT}/conf/ssl.crl/ca bundle.crl”
#SSLCARevocationCheck链
#SSLVerifyClient要求
#SSLVerifyDepth 10
#SSLSRPVerifierFile“${SRVROOT}/conf/passwd.srpv”
#
#SSLRequire(%%{SSL_CIPHER}!~m/^(EXP|NULL)/\
#以及%{SSL_CLIENT_S_DN_O}eq“蛇油有限公司”\
#和{“Staff”、“CA”、“Dev}中的%{SSL_CLIENT_S_DN_OU}\
#和%{TIME\u WDAY}>=1和%{TIME\u WDAY}=8和%{TIME\u HOUR}
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
#
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
#
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>