Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
无法在Centos7 apache2上安装Comodo SSL证书_Ssl_Ssl Certificate_Centos7 - Fatal编程技术网

无法在Centos7 apache2上安装Comodo SSL证书

无法在Centos7 apache2上安装Comodo SSL证书,ssl,ssl-certificate,centos7,Ssl,Ssl Certificate,Centos7,我买了科摩多。现在我有certificate.key和包含4个文件的zip存档 AddTrustExternalCARoot.crt, COMODORSADomainValidationSecureServerCA.crt, COMODORSAAddTrustCA.crt, my_domain_ru.crt 首先,我读到我必须将这些文件合并到一个mySite.ca-build中 cat my_site_ru.crt COMODORSADomainValidationSecureServ

我买了科摩多。现在我有certificate.key和包含4个文件的zip存档

AddTrustExternalCARoot.crt, 
COMODORSADomainValidationSecureServerCA.crt, 
COMODORSAAddTrustCA.crt, 
my_domain_ru.crt
首先,我读到我必须将这些文件合并到一个mySite.ca-build中

cat my_site_ru.crt  COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > mySite.ca-bundle
其次,我将这些文件保存到/usr/local/ssl/my_site/

然后我去

/etc/httpd/conf.d/my_site_ru.conf

加上这个

 SSLEngine On
 SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
 SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
 SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
但之后

systemctl restart httpd
我犯了个错误

错误的请求您的浏览器发送了此服务器无法接收的请求 懂原因:您正在对启用SSL的服务器使用普通HTTP 服务器端口。请改用HTTPS方案访问此URL

如果我尝试用打开我的站点,我将看到下一步

连接不安全


您在端口80上已打开SSL配置,其中应为非SSL配置

您必须有两个apache配置:一个用于端口80,其中没有SSL指令;另一个用于端口443,其中打开SSL

简单的例子:

<VirtualHost IP_Address:80>
     ...Some configurations here...
</VirtualHost>
<VirtualHost IP_Address:443>
     SSLEngine On
     SSLCertificateFile /usr/local/ssl/my_site/my_site_ru.crt
     SSLCertificateKeyFile /usr/local/ssl/my_site/certificate.key
     SSLCertificateChainFile /usr/local/ssl/my_site/mySite.ca-bundle
     ... another configuration, such as ServerName, DocumentRoot, etc. ...
</VirtualHost>

如果我在my_site.conf中添加了两个虚拟主机,则无法重新启动httpd1并检查日志。2使用apachectl-t命令检查apache配置。