Apache虚拟主机https可以工作,但http仅适用于默认虚拟主机

时间:2017-10-12 05:34:22

标签: apache apache2 apache2.4

我正在使用带有apache的amazon linux(Apache / 2.4.25(亚马逊))。我有几个域和几个子域。我使用letsencrypt / cerbot获取ssl证书。这有效。我可以毫无问题地访问https。但是,我无法访问任何非默认的http虚拟主机。它们都重新路由到默认虚拟主机。我只找到了其他一些没有解决方案的帖子,这似乎很难找到。 Letsencrypt抱怨我需要为虚拟主机提供单独的文件,这就是我为http和https所做的。我最终将所有的http都移到了httpd.conf中,但这也无效。我的域名和子域名也有“A”记录。我错过了什么?

###Begin httpd.conf###

ServerRoot "/etc/httpd"

Listen 80

Include conf.modules.d/*.conf

User nona_yo_biz
Group nona_yo_biz

ServerAdmin support@example.com

<Directory />
    AllowOverride none
    Require all denied
</Directory>

<Directory "/var/www">
    AllowOverride All
    # Allow open access:
    Require all granted
</Directory>

<Directory "/var/www/html">
    Options FollowSymLinks
    AllowOverride All
    Require all granted
</Directory>

# Load config files in the "/etc/httpd/conf.d" directory, if any.
# This is where my ssl files are stored
IncludeOptional conf.d/*.conf

#Some other module crap etc

#Some other AWS settings

<Directory "/var/www/html">
    Options FollowSymLinks
    AllowOverride All
    DirectoryIndex index.html index.php
    Require all granted
</Directory>

<VirtualHost *:80>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/basesite"
ServerName basesite.com
</VirtualHost>

<VirtualHost *:80>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/sub1example"
ServerName sub1.example.com
</VirtualHost>

<VirtualHost *:80>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/sub2example"
ServerName sub2.example.com
</VirtualHost>

<VirtualHost *:80>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/example"
ServerName example.com
</VirtualHost>

###End httpd.conf###

###BEGIN ssl.conf###

Listen 443 https

#Some other stuff

<VirtualHost *:443>
DocumentRoot "/var/www/html/basesite"
ServerName basesite.com:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLHonorCipherOrder on
#Some other stuff
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ServerAdmin support@example.com
SSLCertificateFile /etc/letsencrypt/live/basesite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/basesite.com/privkey.pem
</VirtualHost>

###END ssl.conf

###Separate conf file for vhost###

<VirtualHost *:443>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/sub1example"
ServerName sub1.example.com:443
SSLCertificateFile /etc/letsencrypt/live/basesite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/basesite.com/privkey.pem
</VirtualHost>

###Separate conf file for vhost###

<VirtualHost *:443>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/sub2example"
ServerName sub2.example.com:443
SSLCertificateFile /etc/letsencrypt/live/basesite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/basesite.com/privkey.pem
</VirtualHost>

###Separate conf file for vhost###

<VirtualHost *:443>
ServerAdmin support@example.com
DocumentRoot "/var/www/html/example"
ServerName example.com:443
SSLCertificateFile /etc/letsencrypt/live/basesite.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/basesite.com/privkey.pem
</VirtualHost>

编辑apachectl -S输出 

sudo apachectl -S
VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server basesite.com (/etc/httpd/conf.d/ssl.conf:57)
         port 443 namevhost basesite.com (/etc/httpd/conf.d/ssl.conf:57)
         port 443 namevhost sub1.example.com (/etc/httpd/conf.d/ssl_sub1_exa.conf:1)
         port 443 namevhost example.com (/etc/httpd/conf.d/ssl_exa.conf:1)
         port 443 namevhost sub2.example.com (/etc/httpd/conf.d/ssl_sub2_exa.conf:1)
*:80                   is a NameVirtualHost
         default server basesite.com (/etc/httpd/conf/httpd.conf:392)
         port 80 namevhost basesite.com (/etc/httpd/conf/httpd.conf:392)
         port 80 namevhost sub1.example.com (/etc/httpd/conf/httpd.conf:400)
                 alias sub1.example.com:80
         port 80 namevhost example.com (/etc/httpd/conf/httpd.conf:407)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www/html/"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex default: dir="/var/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex cache-socache: using_defaults
Mutex authdigest-opaque: using_defaults
Mutex watchdog-callback: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
PidFile: "/var/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="nona_yo_biz" id=404
Group: name="nona_yo_biz" id=505

4 个答案:

答案 0 :(得分:1)

所以我已经解决了这个问题,不幸的是,它是尝试几种不同的东西的组合。所以我没有提供简单的答案,但我可以提供一些帮助我的方法。

  1. 感谢Vasya Zhuryk,我使用 sudo apachectl -S 来确定虚拟主机实际加载的位置和方式。在Amazon Linux apache默认设置中,当sds文件以“.conf”结尾时,它们将从conf.d动态加载。它们通过 IncludeOptional conf.d / * .conf 从主httpd.conf文件加载。正如我之前已经意识到的那样,不要将备份保留在带有“.conf”的conf.d中,否则你最终会遇到问题。但是,这不会出现在conf文件夹中。所以那些需要包含在 Include / path to file / file.conf 中。
  2. 我发现当使用chrome(ctrl + shift + N)进行私密浏览时,非ssl网站运行正常。因此,自“开始时间”清除自动填充表单数据(以及可能的缓存图像和文件)后,清除了chrome中的坏域重定向。这是非常误导的,因为我会输入地址,正确的域名会显示,但总会重定向到错误的域名。这很可能是因为以前配置不当的虚拟主机。

    3. 此外,还有很多事情已经完成并且一直在尝试,但上面是一些可能有助于其他人的关键点。

答案 1 :(得分:0)

我没有看到 NameVirtualHost *:80 的条目,对于基于名称的虚拟主机,这是您在配置文件中需要的条目。试一试吧。

答案 2 :(得分:0)

我有两个想法: (参见虚拟主机)

1. httpd -S


2. SSLCertificateKeyFile must have *.key extension

你没有虚拟主机指令(index.php,启用.htaccess等),你可以试试这个:

<VirtualHost *:80>
    ServerAdmin support@example.com
    DocumentRoot "/var/www/html/basesite"
    ServerName basesite.com

    <Directory "/var/www/html/basesite/">
        Options Indexes FollowSymLinks
        AllowOverride All
        DirectoryIndex index.php index.html
        Require all granted
    </Directory>
</VirtualHost>

答案 3 :(得分:0)

您需要将“NS”记录添加到域管理面板。

相关问题
最新问题