ApacheでSSLを使用して複数のサブドメインを構成するにはどうすればよいですか?
構成:
- Debian
- Apache2
- ワイルドカードSSL:* .example.com
- サブドメイン:a.example.com、b.example.com。
- 1つの専用サーバー
- WebサイトはNodeJS(ProxyPass ...)にあります
今のところ、a.example.comを機能させることができます。しかし、どうすればa.example.comとb.example.comを同じサーバーで動作させることができますか?
/etc/Apache2/site-enable/a.example.com.conf
<VirtualHost *:80>
ServerName a.example.com
Redirect permanent / https://a.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.a.example.com
Redirect permanent / https://a.example.com
</VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName a.example.com
ServerAlias www.a.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:4949/
ProxyPassReverse http://localhost:4949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
更新---これを試してみると:
/etc/Apache2/site-enable/b.example.com.conf
<VirtualHost *:80>
ServerName b.example.com
Redirect permanent / https://b.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.example.com
Redirect permanent / https://b.example.com
/VirtualHost>
Listen 443
<VirtualHost *:443>
ServerName b.example.com
ServerAlias www.b.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
私はこれを手に入れています
[....] Restarting web server: Apache2[Thu Jul 21 14:58:01 2016] [warn] module passenger_module is already loaded, skipping
[Thu Jul 21 14:58:01 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Thu Jul 21 14:58:01 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
... waiting [Thu Jul 21 14:58:02 2016] [warn] module passenger_module is already loaded, skipping
[Thu Jul 21 14:58:02 2016] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Thu Jul 21 14:58:02 2016] [warn] NameVirtualHost *:80 has no VirtualHosts
(98)Address already in use: make_sock: could not bind to address [::]:443
---更新
B.exemple.com.confのListen443を削除しました
しかし今、私はこれを持っています:
a.example.com ---> b.example.com
b.example.com ---> b.example.com
問題は、aにアクセスしようとすると、bにリダイレクトされることです。
私が間違っていることは何ですか?
/etc/Apache2/site-enable/b.example.com.conf
<VirtualHost *:80>
ServerName b.example.com
Redirect permanent / https://b.example.com
</VirtualHost>
<VirtualHost *:80>
ServerName www.b.example.com
Redirect permanent / https://b.example.com
/VirtualHost>
<VirtualHost *:443>
ServerName b.example.com
ServerAlias www.b.example.com
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
-更新が解決策を見つけました:)
私はついに私の問題の解決策を見つけました、あなたの助けに感謝します!
<IfModule mod_ssl.c>
Listen 443
NameVirtualHost *:443
</IfModule>
<VirtualHost *:443>
ServerName www.example.fr
DocumentRoot "/var/www/html/404"
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/XXXXX.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
<VirtualHost *:80>
ServerName www.example.fr
Redirect permanent / https://a.example.fr
</VirtualHost>
<VirtualHost *:80>
ServerName a.example.fr
Redirect permanent / https://a.example.fr
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName a.example.fr
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:4949/
ProxyPassReverse http://localhost:4949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/serveurA.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
<VirtualHost *:80>
ServerName b.example.fr
Redirect permanent / https://b.example.fr
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName b.example.fr
ProxyRequests off
LimitRequestLine 150000
LimitRequestFieldSize 150000
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location />
ProxyPass http://localhost:6949/
ProxyPassReverse http://localhost:6949/
</Location>
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:!LOW:!aNULL:!eNULL
SSLCertificateFile /etc/ssl/2__.example.fr.crt
SSLCertificateKeyFile /root/serveurA.key
SSLCertificateChainFile /etc/ssl/1_root_bundle.crt
</VirtualHost>
すべてのサブドメインのワイルドカード(* .example.com)の仮想ホストコードを変更します。この機能を実装するには、SSL証明書をワイルドカードにする必要があります。これは複数のサブドメインをサポートします。
Apacheの<virtualhost>コードに2行を変更/追加httpd.confまたはssl.confファイル
ServerName www.example.com
ServerAlias *.example.com
例:
a.example.com
b.example.com
WHATEVER_SUB-DOMAIN_TEXT.example.com