3
Конфигурация:Как настроить несколько субдоменов с SSL в Apache?
- Debian
- Apache2
- Wildcard SSL для: * .example.com
- субдомен: a.example.com, b.example.com.
- 1 выделенный сервер
- Сайты в NodeJS (ProxyPass ...)
На данный момент, я в состоянии получить a.example.com работать. Но как я могу сделать a.example.com и b.example.com работать на одном сервере?
/etc/apache2/site-enable/a.example.com.conf
<VirtualHost *:80>
ServerName a.example.com
Redirect permanent/https://a.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.a.example.com
Redirect permanent/https://a.example.com
</VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName a.example.com
ServerAlias www.a.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:4949/
ProxyPassReverse http://localhost:4949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
UPDATE --- Если я попробовать это:
/etc/apache2/site-enable/b.example.com.conf
<VirtualHost *:80>
ServerName b.example.com
Redirect permanent/https://b.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.example.com
Redirect permanent/https://b.example.com
/VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName b.example.com
ServerAlias www.b.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
Я получаю
[....] Restarting web server: apache2[Thu Jul 21 14:58:01 2016] [warn] module passenger_module is already loaded, skipping
[Thu Jul 21 14:58:01 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Thu Jul 21 14:58:01 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
... waiting [Thu Jul 21 14:58:02 2016] [warn] module passenger_module is already loaded, skipping
[Thu Jul 21 14:58:02 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Thu Jul 21 14:58:02 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
(98)Address already in use: make_sock: could not bind to address [::]:443
--- UPDATE
Я удалил Listen 443 на б .exemple.com.conf
Но теперь у меня есть это:
a.example.com ---> b.example.com
b.example.com ---> b.example.com
Проблема заключается в том, что, когда я пытаюсь получить доступ к, я перенаправлены б
Что я делаю неправильно?
/etc/apache2/site-enable/b.example.com.conf
<VirtualHost *:80>
ServerName b.example.com
Redirect permanent/https://b.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.example.com
Redirect permanent/https://b.example.com
/VirtualHost>
<VirtualHost *:443>
ServerName b.example.com
ServerAlias www.b.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
- ОБНОВЛЕНИЕ НАШЕЛ РЕШЕНИЕ:)
Я наконец нашел решение моей проблемы, спасибо за вашу помощь!
<IfModule mod_ssl.c>
Listen 443
NameVirtualHost *:443
</IfModule>
<VirtualHost *:443>
ServerName www.example.fr
DocumentRoot "/var/www/html/404"
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.fr
Redirect permanent/https://a.example.fr
</VirtualHost>
<VirtualHost *:80>
ServerName a.example.fr
Redirect permanent/https://a.example.fr
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName a.example.fr
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:4949/
ProxyPassReverse http://localhost:4949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/serveurA.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
<VirtualHost *:80>
ServerName b.example.fr
Redirect permanent/https://b.example.fr
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName b.example.fr
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/serveurA.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
Ну, вы просто добавляете второй хост ssl и настраиваете те же файлы сертификатов, которые будут использоваться. – arkascha
См. Мое обновление :) –
Похоже, вы используете команду 'Listen 443' _twice_, один раз в каждом файле? – arkascha