在Apache中的情況:
您可以在ELB或Apache/Nginx的終止SSL證書(服務器)級
在多租戶(多客戶)架構的情況下,我們可能需要在單個ELB下支持不同的客戶(不同域名 - * .abc.com,* .xyz.com),這在現有的ELB設置中不起作用。
解決方法:可以通過ELB像下面添加偵聽做到這一點:TCP 443(而不是HTTPS - 443) - 這將通過443名的請求。然後,你可以在服務器級別終止SSL證書
您必須從外部供應商(如GoDaddy)購買證書,並安裝&終止服務器級別的證書。
例如,Apache的虛擬主機看起來像
NameVirtualHost *:443
<VirtualHost *:443>
ServerName abc.com
####abc HTTPS Certificate
SSLEngine on
SSLCertificateFile /opt/organization/site/ssl_keys/abc/abc_gd.crt
SSLCertificateKeyFile /opt/organization/site/ssl_keys/abc/abc.pem
SSLCertificateChainFile /opt/organization/site/ssl_keys/abc/abc_gd_bundle.crt
WSGIScriptAlias//opt/organization/site/deployment-config/abc.wsgi
ServerSignature On
Alias /media/ /opt/organization/site/media/
<Directory /opt/organization/site/media/>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
NameVirtualHost *:80
<VirtualHost *:80>
ServerName abc.com
#Rewrite to HTTPS in case of HTTP
RewriteEngine On
RewriteCond %{SERVER_NAME} abc.com
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule . https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
WSGIScriptAlias//opt/organization/site/deployment-config/abc.wsgi
ServerSignature On
Alias /media/ /opt/organization/site/media/
<Directory /opt/organization/site/media/>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
我認爲這是對[超級用戶](http://superuser.com)或[服務器故障(http://serverfault.com問題)。你可能想要顯示你的Apache(?)配置。你想在這裏啓用的稱爲SNI--它允許瀏覽器告訴Web服務器將要請求的主機,以便提供正確的證書。 –