Ssl-Certificate

如何向我的 apache2 伺服器添加標頭

  • August 19, 2019

我有一個僅用於測試的 apache2 Web 伺服器(不是生產伺服器)。它在 Ubuntu 18.04 上執行。我已經用 TLS 配置了它。我想添加一個標題。所以我導航到這個文件:/etc/apache2/sites-available/default-ssl.conf

現在的文件內容是:

<IfModule mod_ssl.c>
   <VirtualHost _default_:443>
       ServerAdmin hi@myownsite.com
       ServerName myownsite.com

       DocumentRoot /var/www/myownsite.com/html


       ErrorLog ${APACHE_LOG_DIR}/error.log
       CustomLog ${APACHE_LOG_DIR}/access.log combined

       #   SSL Engine Switch:
       SSLEngine on

       <FilesMatch "\.(cgi|shtml|phtml|php)$">
               SSLOptions +StdEnvVars
       </FilesMatch>
       <Directory /usr/lib/cgi-bin>
               SSLOptions +StdEnvVars
       </Directory>


       Header always set Expect-CT: max-age=86400, enforce, report-uri="https://myownserver.com/report"
   </VirtualHost>
</IfModule>

如您所見,最後我添加了當客戶端在 https:// 中打開站點時我想在伺服器響應中看到的標頭

但是,在我在 .conf 文件中添加標頭後,並希望重新載入 apache 以使更改生效,使用:

sudo systemctl reload apache2

我收到此錯誤:

Job for apache2.service failed because the control process exited with error code.
See "systemctl status apache2.service" and "journalctl -xe" for details.

誰能確定我的配置有什麼問題?如何解決問題?

編輯1:

執行後:systemctl status apache2.service

這是我得到的,但我不知道該怎麼辦。

● apache2.service - The Apache HTTP Server
  Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
 Drop-In: /lib/systemd/system/apache2.service.d
          └─apache2-systemd.conf
  Active: active (running) (Result: exit-code) since Mon 2019-08-19 12:26:44 BST; 47min ago
 Process: 2632 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=1/FAILURE)
 Process: 660 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
Main PID: 757 (apache2)
   Tasks: 55 (limit: 3548)
  CGroup: /system.slice/apache2.service
          ├─ 757 /usr/sbin/apache2 -k start
          ├─2369 /usr/sbin/apache2 -k start
          └─2370 /usr/sbin/apache2 -k start

Aug 19 12:59:04 e-VirtualBox apachectl[2502]: The Apache error log may have more information.
Aug 19 12:59:04 e-VirtualBox systemd[1]: apache2.service: Control process exited, code=exited stat
Aug 19 12:59:04 e-VirtualBox systemd[1]: Reload failed for The Apache HTTP Server.
Aug 19 13:08:16 e-VirtualBox systemd[1]: Reloading The Apache HTTP Server.
Aug 19 13:08:16 e-VirtualBox apachectl[2632]: AH00526: Syntax error on line 132 of /etc/apache2/si
Aug 19 13:08:16 e-VirtualBox apachectl[2632]: Too many arguments to directive
Aug 19 13:08:16 e-VirtualBox apachectl[2632]: Action 'graceful' failed.
Aug 19 13:08:16 e-VirtualBox apachectl[2632]: The Apache error log may have more information.
Aug 19 13:08:16 e-VirtualBox systemd[1]: apache2.service: Control process exited, code=exited stat
Aug 19 13:08:16 e-VirtualBox systemd[1]: Reload failed for The Apache HTTP Server.
lines 1-24/24 (END)

編輯2:

通過執行journalctl -xe我得到這個輸出:

-- 
-- Unit apache2.service has finished reloading its configuration
-- 
-- The result is RESULT.
Aug 19 13:19:54 e-VirtualBox sudo[2933]: pam_unix(sudo:session): session closed for user root
Aug 19 13:20:46 e-VirtualBox nautilus[2130]: Attempting to read the recently used resources file a
Aug 19 13:20:50 e-VirtualBox sudo[2960]:        e : TTY=pts/1 ; PWD=/etc/apache2/sites-available ;
Aug 19 13:20:50 e-VirtualBox sudo[2960]: pam_unix(sudo:session): session opened for user root by (
Aug 19 13:20:50 e-VirtualBox systemd[1]: Reloading The Apache HTTP Server.
-- Subject: Unit apache2.service has begun reloading its configuration
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit apache2.service has begun reloading its configuration
Aug 19 13:20:50 e-VirtualBox apachectl[2963]: AH00526: Syntax error on line 132 of /etc/apache2/si
Aug 19 13:20:50 e-VirtualBox apachectl[2963]: Too many arguments to directive
Aug 19 13:20:50 e-VirtualBox apachectl[2963]: Action 'graceful' failed.
Aug 19 13:20:50 e-VirtualBox apachectl[2963]: The Apache error log may have more information.
Aug 19 13:20:50 e-VirtualBox systemd[1]: apache2.service: Control process exited, code=exited stat
Aug 19 13:20:50 e-VirtualBox systemd[1]: Reload failed for The Apache HTTP Server.
-- Subject: Unit apache2.service has finished reloading its configuration
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit apache2.service has finished reloading its configuration
-- 
-- The result is RESULT.
Aug 19 13:20:50 e-VirtualBox sudo[2960]: pam_unix(sudo:session): session closed for user root
lines 1835-1862/1862 (END)

您需要為標頭值設置一個值,因此應使用引號,以免將空格視為不同的參數。

此外,您不應在標題名稱中包含冒號。

所以它應該是這樣的:

Header always set Expect-CT 'max-age=86400, enforce, report-uri="https://myownserver.com/report"'

您的具體錯誤是:

指令的參數太多

根據文件,您的標頭可能應設置為:

Header always merge Expect-CT max-age=86400
Header always merge Expect-CT enforce
Header always merge Expect-CT report-uri="https://myownserver.com/report"

引用自:https://serverfault.com/questions/979814