我在我的服务器上创建了一个虚拟主机,我想为它设置 HTTPS。 我已经复制了另一个虚拟主机文件,但我得到了
"Your connection is not secure"
该文件在其他站点 (site1) 上运行良好。我是否也应该为第二个网站 (mywebsite.com) 创建不同的证书?如果是,那我该怎么做。
这是我的 /etc/apache2/sites-available/www.mywebsite.com.conf
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.dev.clevvermail.com
DocumentRoot /var/www/vhosts/ww.mywebsite.com-dev/current
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
Redirect 301 / https://www.mywebsite.com/
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/vhosts/mywebsite.com-dev/current
ServerName www.dev.clevvermail.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www2.site1.com-0001/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www2.site1.com-0001/privkey.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /var/www/vhosts/mywebsite.com-dev/ >
Options Indexes FollowSymLinks
AllowOverride All
</Directory>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
SSLCertificateChainFile /etc/letsencrypt/live/www2.site1.com-0001/chain.pem
</VirtualHost>
</IfModule>
最佳答案
您只需为您的 VirtualHost mywebsite.com 使用不同的 SSL 证书 我看到您正在使用 Letsencrypt,因此您可以创建一个新证书,如下所示(您说该证书适用于 site1,所以 Letsencrypt 安装正常):
cd /opt/letsencrypt
您可以查看谁在使用 443 端口:
sudo netstat -t -l -n -p | grep 443
大多数时候它会是 Apache,所以停止它:
sudo service apache2 stop
创建证书
sudo -H ./letsencrypt-auto certonly --standalone -d www.mywebsite.com
你会得到:
IMPORTANT NOTES: - Congratulations! Your certificate and chain have been saved at /etc/letsencrypt/live/www.mywebsite.com/fullchain.pem. Your cert will expire on 2017-07-17. To obtain a new or tweaked version of this certificate in the future, simply run letsencrypt-auto again. To non-interactively renew all of your certificates, run "letsencrypt-auto renew"
然后设置到.conf文件中重启apache2
...
SSLCertificateFile /etc/letsencrypt/live/www.mywebsite.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.mywebsite.com/privkey.pem
...
不要忘记启动 Apache:
sudo service apache2 start
关于apache - 为我的虚拟主机设置 SSL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43470374/