SSLCACertificateFile应该使用哪个证书?

时间:2018-10-30 12:15:24

标签: ssl-certificate lets-encrypt

我运行acme.sh --issue --dns dns_cf -d *.example.com -d example.com来应用let'sencrypt的证书。
/root/.acme.sh/*.example.com中,我得到了几个文件,如下所示:

ca.cer                 *.example.com.conf      *.example.com.key
fullchain.cer          *.example.com.csr
*.example.com.cer  *.example.com.csr.conf

我的服务器是带有Apache 2.4的centos 7.4。
在apache虚拟主机设置中,我将SSLCertificateFileSSLCertificateKeyFile设置如下:

SSLCertificateFile "/root/.acme.sh/*.example.com/fullchain.cer"

SSLCertificateKeyFile "/root/.acme.sh/*.example.com/*.example.com.key"

SSLCACertificateFile ??

SSLCACertificateFile应该使用哪个文件?

1 个答案:

答案 0 :(得分:0)

这就是我的方法。 

<VirtualHost 10.0.2.15:443>
    ServerName example.com
    ServerAdmin webmaster@example.com
    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    CustomLog ${APACHE_LOG_DIR}/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    DocumentRoot /var/www-example.com
    <directory /var/www-example.com>
        Options All
                AllowOverride All
                Require all granted
    </directory>
    ErrorLog ${APACHE_LOG_DIR}/ssl-example.com-error.log
    CustomLog ${APACHE_LOG_DIR}/ssl-example.com-access.log combined
</VirtualHost>
相关问题
最新问题