在Apache2中,我想单独定义一次与SSL有关的东西,并在其他configuration文件中单独定义。 这主要是一个有趣的问题,但它也允许我在我的自动部署过程中包括其余的configuration。
即:现状:
# in file: 0000-ourdomain.com.conf (number needs to be low) <VirtualHost xx.xx.xx.xx:443> # SSL part SSLEngine on SSLCertificateFile ....crt SSLCACertificateFile ...pem SSLCertificateChainFile ...intermediate.pem SSLCertificateKeyFile ....wildcard.ourdomain.com.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown ServerName www.ourdomain.com ServerAlias ourdomain.com # the actual configuration, as found for xx.xx.xx.xx:80, repeated </VirtualHost> 我想要
# in file: 0000-ssl-stuff <VirtualHost xx.xx.xx.xx:443> # SSL part SSLEngine on SSLCertificateFile ....crt SSLCACertificateFile ...pem SSLCertificateChainFile ...intermediate.pem SSLCertificateKeyFile ....wildcard.ourdomain.com.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown ServerName www.ourdomain.com ServerAlias ourdomain.com </VirtualHost> # in file: ourdomain.com.conf <VirtualHost xx.xx.xx.xx:443> # the actual configuration, as found for xx.xx.xx.xx:80, repeated </VirtualHost>
不幸的是,这似乎并不奏效。 Apache SSL失败,但在重新加载或语法检查时不会显示错误消息。
我find最好的解决方法是从我们的0000-ssl文件Include指令。
非常感谢!
您可以使用include指令创build一个单独的文件。 你的443虚拟主机将是:
# in file: ourdomain.com.conf <VirtualHost xx.xx.xx.xx:443> # the actual configuration, as found for xx.xx.xx.xx:80, repeated ServerName www.ourdomain.com ServerAlias ourdomain.com Include conf/vhosts/ourdomain.ssl.conf </VirtualHost>
并在conf / vhosts / ourdomain.ssl.conf中:
# SSL part SSLEngine on SSLCertificateFile ....crt SSLCACertificateFile ...pem SSLCertificateChainFile ...intermediate.pem SSLCertificateKeyFile ....wildcard.ourdomain.com.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
一些事情。 首先,包含path是相对于ServerRoot(即/ usr / local / apache),而不是相对于包含它的文件。
其次,ourdomain.ssl.conf文件不重复xx.xx.xx.xx:443的VirtualHost指令。 这已经被包括Vhost在内的处理过了。