抱歉打擾大家,又來問問題了,這幾天一直在爬文尋找單一IP多個SSL的資訊。
我想要讓兩個多網域憑證都可以正常生效:
第一張憑證要輸入密碼,第二張憑證不用。
有使用到RewriteMap定義網站集合的資料位置跟對應網域。
設定沒有問題,重啟服務也沒有問題。
憑證目前只有第一張生效,第二張憑證的網域都會對應到第一張憑證而不是第二張憑證。
已經確認環境方面都滿足
Openssl 0.9.8j以上
enable ssh virtual host
apache 2.2.12以上
有一點沒有頭緒了,還請幫忙解惑,感激不盡。
抱歉,這是設定檔:
LoadModule ssl_module modules/mod_ssl.so
Listen 443
NameVirtualHost *:443
#SSLStrictSNIVHostCheck on
SSLPassPhraseDialog exec:/etc/pki/tls/certs/apache_pass.sh
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost _default_:443>
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/1.crt
SSLCertificateKeyFile /etc/pki/tls/certs/1.key
SSLCertificateChainFile /etc/pki/tls/certs/GRCA1_5_GCA2.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
DocumentRoot "/var/www/html/web"
ServerName 網站1:443
RewriteLog logs/rewrite.log
RewriteLogLevel 0
RewriteEngine on
RewriteMap lowercase int:tolower
RewriteMap vhost txt:/var/www/html/web/using-subsite.map
RewriteCond ${lowercase:%{HTTP_HOST}|NONE} ^(.+)$
RewriteCond ${vhost:%1} ^(/.*)$
RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}]
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/html/web"
ServerName 網站2:443
RewriteLog logs/rewrite.log
RewriteLogLevel 0
RewriteEngine on
RewriteMap lowercase int:tolower
RewriteMap vhost txt:/var/www/html/web/using-subsite.map
RewriteCond ${lowercase:%{HTTP_HOST}|NONE} ^(.+)$
RewriteCond ${vhost:%1} ^(/.*)$
RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}]
ErrorLog logs/ssl2__error_log
TransferLog logs/ssl2__access_log
LogLevel warn
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/pki/tls/certs/2.crt
SSLCertificateKeyFile /etc/pki/tls/certs/2.key
SSLCertificateChainFile /etc/pki/tls/certs/GRCA1_5_GCA2.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>