使用Virtualhost在Apache中配置Ssl

Question

我试图为Ssl连接配置apache，但是当我尝试使用https访问网站时是不可能的。

这是我的网站的VirtualHost：

<VirtualHost *:443>
DocumentRoot "C:\xampp\htdocs\www.example.com"
ServerName www.example.com
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
</VirtualHost>

<VirtualHost *:443>
DocumentRoot "C:\xampp\htdocs\www.example.com"
ServerName example.com
SSLEngine on
SSLCertificateFile "conf/ssl.crt/server.crt"
SSLCertificateKeyFile "conf/ssl.key/server.key"
</VirtualHost>

我在c:\xampp\apache\conf\httpd.conf LoadModule rewrite_module modules/mod_rewrite.so中这一行之前省略了#

我在c：\xampp\apache\conf\以外\httpd-xampp.con中添加了这一行

<IfModule mod_rewrite.c>
    RewriteEngine On

    # Redirect /xampp folder to https
    RewriteCond %{HTTPS} !=on
    RewriteCond %{REQUEST_URI} xampp
    RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

    # Redirect /phpMyAdmin folder to https
    RewriteCond %{HTTPS} !=on
    RewriteCond %{REQUEST_URI} phpmyadmin
    RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

    # Redirect /security folder to https
    RewriteCond %{HTTPS} !=on
    RewriteCond %{REQUEST_URI} security
    RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]

    # Redirect /webalizer folder to https
    RewriteCond %{HTTPS} !=on
    RewriteCond %{REQUEST_URI} webalizer
    RewriteRule ^(.*) https://%{SERVER_NAME}$1 [R,L]
</IfModule>

我在以下文件的每个目录中添加了一个SSLRequireSSL指令：

Config File: c:\xampp\apache\conf\extra\httpd-xampp.conf
c:\xampp\phpmyadmin
c:\xampp\htdocs\xampp
c:\xampp\webalizer
c:\xampp\security\htdocs
Config File: c:\xampp\webdav
c:\xampp\webdav

重新启动apache时的错误日志：

[Fri Jun 23 10:00:24.739140 2017] [ssl:warn] [pid 5012:tid 268] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Fri Jun 23 10:00:24.742070 2017] [ssl:warn] [pid 5012:tid 268] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jun 23 10:00:24.947148 2017] [ssl:warn] [pid 5012:tid 268] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
[Fri Jun 23 10:00:24.948125 2017] [ssl:warn] [pid 5012:tid 268] AH01909: RSA certificate configured for localhost:443 does NOT include an ID which matches the server name
[Fri Jun 23 10:00:24.949101 2017] [ssl:warn] [pid 5012:tid 268] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Jun 23 10:00:25.077031 2017] [mpm_winnt:notice] [pid 5012:tid 268] AH00354: Child: Starting 150 worker threads.

有人能告诉我我做错了什么或失踪了什么吗？

Answer 1

请您更改ServerName指令以与apache所建议的证书公共名称相匹配吗？若要验证您在证书中使用的公共名称是否与服务器名称匹配，请运行

openssl x509 -in server.crt -noout -subject

如果这不起作用，你可以使用一个完全限定的域名，如mydomain.dev。要使其正常工作，请在主机文件中添加域，以便使用回送IP 127.0.0.1来解决--这类似于我的文章https://www.bizmate.biz/articles-mainmenu-2/18-little-it-tricks/48-ssl-virtualhost-apache2-xampp中的步骤1

这是如何更改您的主机文件。https://support.rackspace.com/how-to/modify-your-hosts-file/

另外，为了确定SSL配置是否正确，请您专注于此，并暂时禁用mod_rewrite。事实上，如果它不起作用，请使用我文章中的步骤，并还原到目前为止所做的任何更改/从头开始。然后，一旦您的浏览器和apache对证书和SSL加密感到满意，您就可以让mod_rewrite在以后工作。