1. 首頁
  2. 問答
  3. 配置SSL證書在Apache Django的應用程序(mod_wsgi的)

配置SSL證書在Apache Django的應用程序(mod_wsgi的)

2015-09-27 112 views
4

我已經購買從namecheap.com一個SSL證書,並把我的Ubuntu服務器上的所需文件(關鍵& CRT的)。我使用mod_wsgi來爲我的Django應用程序提供Apache服務。我在安裝SSL證書時遇到問題。配置SSL證書在Apache Django的應用程序(mod_wsgi的)

當前配置(/etc/apache2/sites-available/000-default.conf)

<VirtualHost *:80> 
     ServerAdmin [email protected] 
     #DocumentRoot /var/www/html 

     ErrorLog ${APACHE_LOG_DIR}/error.log 
     CustomLog ${APACHE_LOG_DIR}/access.log combined 

     #Django Application 
     Alias /static /home/Django/professor/static_root 
     <Directory /home/Django/professor/static_root> 
       Require all granted 
     </Directory> 
     <Directory /home/Django/professor/professor> 
       <Files wsgi.py> 
         Require all granted 
       </Files> 
     </Directory> 

     WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages 
     WSGIProcessGroup professor 
     WSGIScriptAlias//home/Django/professor/professor/wsgi.py 

     #ServerName example.com 
     #SSLEngine on 
     #SSLCertificateFile /etc/apache2/ssl/server.crt 
     #SSLCertificateKeyFile /etc/apache2/ssl/server.key 
     #SSLCACertificateFile /etc/apache2/ssl/intermediate.crt 

</VirtualHost>

我註釋掉的SSL證書的線條。目前,我的應用程序運行良好,但是當我取消註釋啓用SSL證書的行時,我的站點從/ var/www而不是應用程序提供文件。有任何想法嗎?

來源

2015-09-27 Kosuke Miyagi

回答

14

你的問題是,你的Apache配置爲僅針對80端口,因此它不會成爲網頁上https(端口443)。

在這個例子中我假設你想只通過https服務於自己的網站,這裏是如何你的配置應該大致模樣。

這裏是你的:000-default.conf

<VirtualHost *:80> 
    ServerName example.com 
    ServerAdmin [email protected] 

    ErrorLog ${APACHE_LOG_DIR}/error.log 
    CustomLog ${APACHE_LOG_DIR}/access.log combined 

    # This is optional, in case you want to redirect people 
    # from http to https automatically. 
    RewriteEngine On 
    RewriteCond %{SERVER_PORT} !^443$ 
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L] 

</VirtualHost>

現在這裏是default-ssl.conf

<VirtualHost *:443> 
    ServerName example.com 
    ServerAdmin [email protected] 

    # Django Application 
    Alias /static /home/Django/professor/static_root 
    <Directory /home/Django/professor/static_root> 
     Require all granted 
    </Directory> 

    <Directory /home/Django/professor/professor> 
     <Files wsgi.py> 
      Require all granted 
     </Files> 
    </Directory> 

    WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages 
    WSGIProcessGroup professor 
    WSGIScriptAlias//home/Django/professor/professor/wsgi.py 


    SSLEngine on 
    SSLCertificateFile /etc/apache2/ssl/server.crt 
    SSLCertificateKeyFile /etc/apache2/ssl/server.key 
    SSLCACertificateFile /etc/apache2/ssl/intermediate.crt 

</VirtualHost>

配置完成後,我們需要打開SSL站點和(可選)重寫MOD:

> sudo a2ensite default-ssl 
> sudo a2enmod rewrite 
> sudo service apache2 reload

來源

2015-09-28 04:14:59

+0

我已完成上述但由於某種原因有無限重定向循環列出的變化。有任何想法嗎?我相信它與我們的重寫配置有關。 –

+0

已修復,這是由於CloudFlare SSL欺騙Apache配置。感謝所有的幫助:) –

+2

@KosukeMiyagi,真棒,樂於幫助。不要忘記接受答案。 :) –

0

完成阿列克謝的答案,當我面臨的問題,我牛逼O禁止000-default.conf網站,並只使用SSL配置

來源

2017-09-17 02:20:49 leila

相關問題

 相關問題