问题描述
我正在尝试设置apache-ubuntu-php Web服务器。我的网络服务器将托管多个SSL站点,每个SSL站点将具有其自己的IP地址(除非有更好的方法来执行此操作)。
因此,我认为第一步是让apache识别至少两个不同的IP地址。现在,我有一个网站的SSL和非SSL版本,分别为http://mysite.com和https://mysite.com。尽管两者当前都在我的服务器上运行,但是我不能让两者都使用不同的IP地址。目前,两者都使用IP 1.1.1.1。我购买了第二个IP地址2.2.2.2,但https://mysite.com无法接受,Firefox则报错”ssl_error_rx_record_too_long”。这是我的2个虚拟主机文件
/etc /apache2 /site-enabled /000-默认
#NameVirtualHost 1.1.1.1:80
#<VirtualHost 1.1.1.1:80>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
</VirtualHost>
/etc/apache2/site-enabled/mysite.com
<VirtualHost 1.1.1.1:80>
ServerAdmin john@mysite.com
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /srv/www/mysite.com/public_html/
ErrorLog /srv/www/mysite.com/logs/error.log
CustomLog /srv/www/mysite.com/logs/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
#<VirtualHost 2.2.2.2:443>
<VirtualHost *:443>
ServerAdmin john@mysite.com
ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot /srv/www/mysite.com/public_html/
ErrorLog /srv/www/mysite.com/logs/error.log
CustomLog /srv/www/mysite.com/logs/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/localcerts/www.mysite.com.crt
SSLCertificateKeyFile /etc/ssl/localcerts/www.mysite.com.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
</IfModule>
在mysite.com中,如果我将< VirtualHost *:443>替换为对于< VirtualHost 2.2.2.2:443>,Firefox抱怨错误”ssl_error_rx_record_too_long”。
因此,当我尝试在第三个IP地址上使用另一个SSL证书创建并启用/etc/apache2/site-enabled/mysite2.com时,Apache会抱怨”overlap”问题。
有人可以告诉我如何启动服务器,以便可以在不同域上托管多个SSL网站吗?我希望SSL证书在流行的OS(例如WinXP,Vista,Win7和OSX)上可用于IE 7 +,FF和Safari。
最佳办法
我已经通过调整/etc/apache2/ports.conf文件在服务器上进行了如下设置:
<IfModule mod_ssl.c>
NameVirtualHost *:443
# SSL name based virtual hosts are not yet supported, therefore no
# NameVirtualHost statement here
NameVirtualHost *:443
Listen 443
</IfModule>
然后,您应该可以通过编辑/etc/apache2/sites-enabled/mysite.com来使用它(省略一些代码以简化示例):
<VirtualHost *:443>
ServerName mysite1.com
SSLCertificateFile /etc/ssl/localcerts/www.mysite1.com.crt
SSLCertificateKeyFile /etc/ssl/localcerts/www.mysite1.com.pem
</VirtualHost>
<VirtualHost *:443>
ServerName mysite2.com
SSLCertificateFile /etc/ssl/localcerts/www.mysite2.com.crt
SSLCertificateKeyFile /etc/ssl/localcerts/www.mysite2.com.pem
</VirtualHost>
随心所欲的虚拟主机。
编辑:需要第二意见吗?转到此处:http://forum.slicehost.com/comments.php?DiscussionID=3244