Вопросы Теги

Apache2 на перезаписываемом сертификате SSL сервера Ubuntu

мой веб-сервер eternialogic.com У меня есть instantssl.com свободный 90-дневный лицензионный ключ.

Каждый раз, когда я goto eternialogic.com, это говорит, что сертификат "самоподписывается" для ubuntu.

Error.log:

[Wed Oct 14 17:14:57.863602 2015] [ssl:warn] [pid 31565] AH01909: RSA certificate configured for eternialogic.com:443 does NOT include an ID which matches the server name
[Wed Oct 14 17:14:57.864075 2015] [ssl:warn] [pid 31565] AH01909: RSA certificate configured for eternialogic.com:443 does NOT include an ID which matches the server name
[Wed Oct 14 17:14:57.864182 2015] [ssl:warn] [pid 31565] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Wed Oct 14 17:14:57.908892 2015] [ssl:warn] [pid 31567] AH01909: RSA certificate configured for eternialogic.com:443 does NOT include an ID which matches the server name
[Wed Oct 14 17:14:57.909307 2015] [ssl:warn] [pid 31567] AH01909: RSA certificate configured for eternialogic.com:443 does NOT include an ID which matches the server name
[Wed Oct 14 17:14:57.909416 2015] [ssl:warn] [pid 31567] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Wed Oct 14 17:14:57.914767 2015] [mpm_prefork:notice] [pid 31567] AH00163: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.13 OpenSSL/1.0.1f mod_wsgi/3.4 Python/2.7.6 configured -- resuming normal operations
[Wed Oct 14 17:14:57.914806 2015] [core:notice] [pid 31567] AH00094: Command line: '/usr/sbin/apache2'

значение-по-умолчанию-ssl.conf:

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerAdmin eternialogic@gmail.com
        ServerName eternialogic.com

        DocumentRoot /var/www/

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf

        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        SSLEngine on
        SSLProtocol all -SSLv2
        SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

        #   A self-signed (snakeoil) certificate can be created by installing
        #   the ssl-cert package. See
        #   /usr/share/doc/apache2/README.Debian.gz for more info.
        #   If both key and certificate are stored in the same file, only the
        #   SSLCertificateFile directive is needed.
        SSLCertificateFile  /etc/apache2/ssl/eternialogic_com.crt
        SSLCertificateKeyFile /etc/apache2/ssl/ssl.private.key
        SSLCertificateChainFile /etc/apache2/ssl/eternialogic_com.ca-bundle
        #SSLCertificateFile /etc/apache2/ssl/eternialogic_com.ca-bundle

        #   Server Certificate Chain:
        #   Point SSLCertificateChainFile at a file containing the
        #   concatenation of PEM encoded CA certificates which form the
        #   certificate chain for the server certificate. Alternatively
        #   the referenced file can be the same as SSLCertificateFile
        #   when the CA certificates are directly appended to the server
        #   certificate for convinience.


        DocumentRoot /var/www/
        <Directory />
            Options FollowSymLinks
            AllowOverride None
        </Directory>
        <Directory /var/www/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride None
            Order allow,deny
            allow from all
        </Directory>

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/access.log combined

        Alias /doc/ "/usr/share/doc/"
        <Directory "/usr/share/doc/">
            Options Indexes MultiViews FollowSymLinks
            AllowOverride None
            Order deny,allow
            Deny from all
            Allow from 127.0.0.0/255.0.0.0 ::1/128
        </Directory>
    </VirtualHost>
</IfModule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet

ports.conf:

Listen 83

<IfModule ssl_module>
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
0
задан 15 October 2015 в 02:36

1 ответ

Давайте Зашифруем, лучший ssl поставщик, кто предлагает бесплатные сертификаты SSL и Давайте зашифруем также предложение автоматическая функция обновления таким образом, это очень легко к не, только устанавливают, но и возобновляют каждые 3 месяца автоматически.

Инструкции установить Позволяют нам Зашифровать SSL

  • , Открывают зависимости от сервера SSH Terminal
  • Install sudo apt-get update
  • , Мерзавец Установки 'sudo склонный - получает мерзавца установки
  • Установка, Давайте Зашифруем sudo git clone https://github.com/certbot/certbot /opt/letsencrypt
  • , Переходят к Установке каталога cd /opt/letsencrypt
  • на домене ./certbot-auto –apache -d example.com -d www.example.com

Thats это!! Также можно автоматизировать задачу обновления путем создания задания крона, Вот источник для того Установка SSL в Ubuntu, и Автоматизируйте Обновление '

0
ответ дан 30 September 2019 в 07:55

Другие вопросы по тегам:

Похожие вопросы: