Gau*_*kar 4 linux ssl apache-2.2
自过去 3 天以来,我一直面临一个奇怪的问题;在在这里发布我的问题之前,我已经完成了所有要求我做的事情。
我的 httpd.conf 如下所示:
NameVirtualHost *:443
Listen *:443
<VirtualHost server1.example.com:443>
ServerName server1
#ServerName server1.example.com
SSSLEngine on
</VirtualHost>
SSL 应用在 server1.example.com 上,但是当我们访问网站时,它只适用于 ServerName server1,而不适用于 ServerName server1.example.com。我们在任何配置和网络文件中都没有 server1。
因此,当我们执行此操作时https://server1.example.com/xyz/ --- 它适用于 ServerName server1 但不适用于 ServerName server1.example.com。
问题出在哪里;我不明白。/etc/hosts、/etc/sysconfig/network,我们没有server1;即使在 DNS 中也是如此。
请建议。
这是我们在错误日志中得到的:
[Thu Nov 24 11:40:14 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!?
[Thu Nov 24 11:40:14 2016] [notice] Digest: generating secret for digest authentication ...
[Thu Nov 24 11:40:14 2016] [notice] Digest: done
[Thu Nov 24 11:40:14 2016] [notice] SSL FIPS mode disabled
[Thu Nov 24 11:40:14 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!?
[Thu Nov 24 11:40:14 2016] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations
[Thu Nov 24 11:49:47 2016] [notice] caught SIGTERM, shutting down
[Thu Nov 24 11:49:47 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Nov 24 11:49:47 2016] [notice] SSL FIPS mode disabled
[Thu Nov 24 11:49:47 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Nov 24 11:49:47 2016] [warn] RSA server certificate CommonName (CN) `server1' does NOT match server name!?
[Thu Nov 24 11:49:47 2016] [notice] Digest: generating secret for digest authentication ...
[Thu Nov 24 11:49:47 2016] [notice] Digest: done
[Thu Nov 24 11:49:47 2016] [notice] SSL FIPS mode disabled
[Thu Nov 24 11:49:47 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Nov 24 11:49:47 2016] [warn] RSA server certificate CommonName (CN) `server1' does NOT match server name!?
[Thu Nov 24 11:49:47 2016] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations
[Thu Nov 24 11:55:19 2016] [notice] caught SIGTERM, shutting down
[Thu Nov 24 11:55:20 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Nov 24 11:55:20 2016] [notice] SSL FIPS mode disabled
[Thu Nov 24 11:55:20 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!?
[Thu Nov 24 11:55:20 2016] [notice] Digest: generating secret for digest authentication ...
[Thu Nov 24 11:55:20 2016] [notice] Digest: done
[Thu Nov 24 11:55:20 2016] [notice] SSL FIPS mode disabled
[Thu Nov 24 11:55:20 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!?
[Thu Nov 24 11:55:20 2016] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations
尝试
<VirtualHost *:443>
ServerName server1.example.com
ServerAlias server1
SSLEngine on
</VirtualHost>
您希望VirtualHost语句中的通配符关闭基于 IP 的虚拟主机映射。http://httpd.apache.org/docs/2.4/vhosts/name-based.html
注意固定线(SSLEngine而不是SSSLEngine)。
| 归档时间: |
|
| 查看次数: |
668 次 |
| 最近记录: |