Apache-2.2
無法使用自簽名 SSL 證書
我嘗試在 Firefox 中載入網站的 https 版本時收到“無法連接”錯誤消息。
日誌文件中沒有錯誤資訊,只有:
[Thu Dec 09 16:55:24 2010] [warn] Init: Session Cache is not configured [hint: SSLSessionCache] [Thu Dec 09 16:55:25 2010] [notice] Digest: generating secret for digest authentication ... [Thu Dec 09 16:55:25 2010] [notice] Digest: done [Thu Dec 09 16:55:26 2010] [notice] Apache/2.2.16 (FreeBSD) mod_ssl/2.2.16 OpenSSL/0.9.8n DAV/2 PHP/5.3.3 with Suhosin-Patch configured -- resuming normal operations
我遵循了本指南:http ://www.akadia.com/services/ssh_test_certificate.html
我的配置文件如下所示:
<Directory "/usr/local/www/apache22/data"> # # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.2/mod/core.html#options # for more information. # Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride All # # Controls who can get stuff from this server. # Order allow,deny Allow from all </Directory> NameVirtualHost *:443 <VirtualHost *:443> DocumentRoot "/usr/local/www/apache22/data" ServerName "domain.name" SSLEngine on SSLCertificateFile /some-folder/ssl-key/server.crt SSLCertificateKeyFile /some-folder/ssl-key/server.key CustomLog "/some-folder/log/httpd-ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> NameVirtualHost *:80 <VirtualHost *:80> DocumentRoot "/usr/local/www/apache22/data" ServerName "domain.name" </VirtualHost>
(編輯了少量,但你應該能夠看到我做的對/錯…)
預設情況下(據我所知),Apache 不會監聽埠 443(用於 SSL 通信的埠)。因此,為了能夠連接到新配置的 SSL 伺服器,您需要在配置中包含以下行:
Listen 443
配置虛擬主機不會自動使伺服器偵聽配置中指定的埠。