讓我們在 Google Cloud 上加密 404 錯誤 - 計算引擎 - 虛擬機實例
我正在 Google 的 Compute Engine 上設置我的 Ubuntu 16.04 VM。我安裝了 Apache,它已經在 HTTP 上託管我的域,我想啟用 HTTPS。
到目前為止採取的步驟:
- 將 IP 從臨時更改為靜態:Google Cloud Platform > Networking > VPC network > External IP 地址
- 將“A”記錄添加到靜態 IP:domains.google.com > My Domains > Edit DNS
- 以下是執行的命令(我使用的是我的真實域,而不是“example.com”)…
命令
sudo mkdir -p /var/www/example.com/html sudo chmod -R 755 /var/www cd /etc sudo wget https://dl.eff.org/certbot-auto sudo chmod a+x certbot-auto cd /etc/apache2/sites-available sudo cp 000-default.conf example.com.conf
新的conf文件包含以下內容:
<VirtualHost *:80 *:443> ServerAdmin admin@example.com ServerName example.com ServerAlias www.example.com DocumentRoot /var/www/example.com/html ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>
我已啟用新的虛擬主機文件並重新載入
sudo a2ensite example.com.conf sudo service apache2 reload
在這一點上,我應該準備好執行 Let’s Encrypt
sudo certbot --apache -d example.com
我得到的錯誤是:
IMPORTANT NOTES: - The following errors were reported by the server: Domain: example.com Type: unauthorized Detail: Invalid response from http://example.com/.well-known/acme-challenge/MFEvXhKDwEPPKmNM1EyGky1YG9mAvH0e7i0Z_gqsbUc: "<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
我可以手動創建目錄
/var/www/example.com/html/.well-known/acme-challenge
,也可以向其中寫入文件。任何幫助是極大的讚賞!我已經在這個問題上待了 2 個晚上。
**解決方案更新:**按照@RalfFriedl 的回答生成 SSL 證書後,以下是安裝該證書的步驟:
- 為您的埠 HTTP 流量和 HTTPS 流量創建conf文件
cd /etc/apache2/sites-available sudo nano example.com.conf
此conf文件將包含以下內容:
`<VirtualHost *:80> ServerAdmin admin@example.com ServerName example.com ServerAlias www.example.com DocumentRoot /var/www/example.com/html
always redirect HTTP traffic to HTTPS
Redirect permanent / https://example.com/ ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost>`
sudo nano example.com-https.conf
此conf文件將包含以下內容:
<VirtualHost *:443> ServerAdmin admin@example.com DocumentRoot /var/www/example.com/html ServerName example.com ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined SSLEngine On SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost>
- 確保您已安裝 SSL 模組,然後啟用新的conf並重新載入 Apache 伺服器
sudo a2enmod rewrite sudo a2enmod ssl sudo a2ensite example.com-https.conf sudo service apache2 reload
Let’s Encrypt 驗證該域歸您所有。為此,它將從您的域中的 URL 檢索文件,在本例中為
http://example.com/.well-known/acme-challenge/MFEvXhKDwEPPKmNM1EyGky1YG9mAvH0e7i0Z_gqsbUc
. 似乎 certbot 無法從您的 apache 配置中解決這個問題。試試這個
sudo certbot --webroot --webroot-path /var/www/example.com/html -d example.com