我們希望將SSL證書安裝到網站(我們已將SSL安裝到多個頁面,沒有任何問題,但這次我們遇到了問題)。安裝SSL時網頁下降
當我們在apache Vhost中激活證書時,頁面保持空白。
服務器網絡是Apache2的,他的數據:
Server version: Apache/2.2.22 (Debian)
Server built: Jan 31 2014 18:55:37
Server's Module Magic Number: 20051115:30
Server loaded: APR 1.4.6, APR-Util 1.4.1
Compiled using: APR 1.4.6, APR-Util 1.4.1
Architecture: 32-bit
Server MPM: Prefork
threaded: no
forked: yes (variable process count)
Server compiled with....
-D APACHE_MPM_DIR="server/mpm/prefork"
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=128
-D HTTPD_ROOT="/etc/apache2"
-D SUEXEC_BIN="/usr/lib/apache2/suexec"
-D DEFAULT_PIDLOG="/var/run/apache2.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_LOCKFILE="/var/run/apache2/accept.lock"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="mime.types"
-D SERVER_CONFIG_FILE="apache2.conf"
的S.O:是的Debian GNU/Linux的7.5(喘息)。
針對該域名的虛擬主機的Apache:
/*****************Apache2 Vhost MyDomain.com*****************************/
<VirtualHost *:443>
ServerName mydomain.com
ServerAdmin [email protected]
ServerAlias www.MyDomain.com MyDomain.com
Include /etc/apache2/mods-available/fcgid.conf
SuexecUserGroup www.MyDomain.com MyDomain.com
<Directory /var/www/virtual/MyDomain.com/ftp/htdocs>
FCGIWrapper /var/www/virtual/MyDomain.com/conf/fcgid .php
<FilesMatch \.php$>
SetHandler fcgid-script
</FilesMatch>
Options +ExecCGI -Indexes
Order allow,deny
allow from all
AllowOverride All
</Directory>
DocumentRoot /var/www/virtual/MyDomain.com/ftp/htdocs
LogLevel warn
ErrorLog /var/www/virtual/MyDomain.com/logs/error.log
CustomLog /var/www/virtual/MyDomain.com/logs/access.log combined
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/SSLCertificat.crt
SSLCertificateKeyFile /etc/apache2/ssl/private.key
SSLCertificateChainFile /etc/apache2/ssl/Intermediate.crt
ScriptAlias /cgi-bin/ /var/www/virtual/MyDomain.com/ftp/cgi-bin/
<Directory /var/www/virtual/MyDomain.com/ftp/cgi-bin>
AllowOverride AuthConfig
Options ExecCGI -Indexes
Order allow,deny
Allow from all
</Directory>
Alias /awstats-icon/ /usr/share/awstats/icon/
ScriptAlias /awstats/ /var/www/virtual/MyDomain.com/cgi-bin/
<Directory /var/www/virtual/MyDomain.com/cgi-bin>
AllowOverride AuthConfig
Options ExecCGI -Indexes
Order allow,deny
Allow from all
</Directory>
Alias /awstats-icon/ /usr/share/awstats/icon/
ScriptAlias /awstats/ /var/www/virtual/MyDomain.com/cgi-bin/
<Directory /var/www/virtual/MyDomain.com/cgi-bin>
AllowOverride AuthConfig
Options ExecCGI -Indexes
Order allow,deny
Allow from all
</Directory>
<IfModule mod_bw.c>
BandwidthModule On
ForceBandWidthModule On
Bandwidth all 204800
MaxConnection all 50
</Ifmodule>
</VirtualHost>
/*************************************************************************/
的ports.conf:
/**************************************************************************/
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
#XXX.XXX.XXX is the server Ip.
Listen 443
Listen XXX.XXX.XXX:8080
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
Listen XXX.XXX.XXX:8080
</IfModule>
/**************************************************************************/
這是apache2.conf:
/**************************************************************************/
LockFile ${APACHE_LOCK_DIR}/accept.lock
PidFile ${APACHE_PID_FILE}
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 5
<IfModule mpm_prefork_module>
StartServers 5
MinSpareServers 5
MaxSpareServers 10
MaxClients 100
ServerLimit 100
MaxRequestsPerChild 1000
</IfModule>
<IfModule mpm_event_module>
StartServers 2
MinSpareThreads 25
MaxSpareThreads 75
ThreadLimit 64
ThreadsPerChild 25
MaxClients 150
MaxRequestsPerChild 0
</IfModule>
User ${APACHE_RUN_USER}
Group ${APACHE_RUN_GROUP}
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy all
</Files>
DefaultType None
HostnameLookups Off
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
Include mods-enabled/*.load
Include mods-enabled/*.conf
Include ports.conf
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
Include conf.d/
Include sites-enabled/
/**************************************************************************/
在我們的日誌這個錯誤(儘管我們不相信這是頁面掉落的原因):
[警告] RSA服務器證書CommonName(CN)`MyServerName'不是 匹配服務器名稱!?
請任何人都可以幫助我們解決這個問題嗎?
在此先感謝
謝謝你的評論。 我們已經獲得該域的證書(mydomain。com),並且該命令返回結果: ** X509v3使用者備用名稱: DNS:www.mydomain.com,DNS:otherdomain.com,**。 所以在虛擬主機,我們嘗試了兩種方式:ServerName有和沒有www,但仍然無法正常工作。另一個想法? ports.conf文件是正確的? – CRMarketing
當您嘗試使用瀏覽器在https中加載網站時,您是否可以發佈訪問和錯誤的日誌信息? – Froggiz