How to enable multiple SSL virtual hosts and certificates on a single IP with Apache

I want to enable support for multiple SSL virtual host certificates on a single IP address in Apache.

My configuration file is below. Please help me:

    NameVirtualHost 196.196.1.117:443
    NameVirtualHost 196.196.1.117:80

    #Site Configuration on Port 80
    <VirtualHost 196.196.1.117:80>
        DocumentRoot "/usr/local/tomcat/webapps/ROOT"
        ServerName sample_Site
        ServerAlias w3.sample.com
        ServerAdmin www.w3.sample.com
        ErrorLog /var/log/apache2/site-error_log
        CustomLog /var/log/apache2/site-access_log combined
        <Directory "/usr/local/tomcat/webapps/ROOT">
            AllowOverride All
            Options +ExecCGI -Includes
            Order allow,deny
            Allow from all
        </Directory>
        JkMount /* worker1
        DirectoryIndex home.xhtml
        Redirect /mb https://196.196.1.117/mb
        ErrorDocument 400 /error.xhtml
        ErrorDocument 401 /error.xhtml
        ErrorDocument 403 /error.xhtml
        ErrorDocument 404 /error.xhtml
        ErrorDocument 405 /error.xhtml
        ErrorDocument 408 /error.xhtml
        ErrorDocument 410 /error.xhtml
        ErrorDocument 411 /error.xhtml
        ErrorDocument 412 /error.xhtml
        ErrorDocument 413 /error.xhtml
        ErrorDocument 414 /error.xhtml
        ErrorDocument 415 /error.xhtml
        ErrorDocument 500 /error.xhtml
        ErrorDocument 501 /error.xhtml
        ErrorDocument 502 /error.xhtml
        ErrorDocument 503 /error.xhtml
        ErrorDocument 506 /error.xhtml
    </VirtualHost>

    #Site Configuration on Port 443
    <VirtualHost 196.196.1.117:443>
        DocumentRoot "/usr/local/tomcat/webapps/ROOT"
        ServerName sample_Site
        ErrorLog /var/log/apache2/HttpsSite_error_log
        CustomLog /var/log/apache2/Https-accessSite_log combined
        <Directory "/usr/local/tomcat/webapps/ROOT">
            SSLRequireSSL
            Order Deny,Allow
            Allow from All
        </Directory>
        JkMount /* worker1
        DirectoryIndex home.xhtml
        ErrorDocument 400 /error.xhtml
        ErrorDocument 401 /error.xhtml
        ErrorDocument 403 /error.xhtml
        ErrorDocument 404 /error.xhtml
        ErrorDocument 405 /error.xhtml
        ErrorDocument 408 /error.xhtml
        ErrorDocument 410 /error.xhtml
        ErrorDocument 411 /error.xhtml
        ErrorDocument 412 /error.xhtml
        ErrorDocument 413 /error.xhtml
        ErrorDocument 414 /error.xhtml
        ErrorDocument 415 /error.xhtml
        ErrorDocument 500 /error.xhtml
        ErrorDocument 501 /error.xhtml
        ErrorDocument 502 /error.xhtml
        ErrorDocument 503 /error.xhtml
        ErrorDocument 506 /error.xhtml
        SSLEngine on
        #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCipherSuite ALL:!ADH:!EXPORT56:+SSLv3:TLSv1
        SSLCertificateFile /etc/apache2/ssl.crt/sb24.crt
        SSLCertificateKeyFile /etc/apache2/ssl.key/sb24.key
        <Files ~ "\.(cgi|shtml|phtml|php3?)$">
            SSLOptions +StdEnvVars
        </Files>
        <Directory "/srv/www/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
        SetEnvIf User-Agent ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
        CustomLog /var/log/apache2/ssl_request_log ssl_combined
        SetEnv HTTPS on
        SetEnv SERVER_PORT 443
    </VirtualHost>

    #Admin Configuration on Port 443
    <VirtualHost 196.196.1.117:443>
        DocumentRoot "/usr/local/tomcat1/webapps/SB24_Admin"
        ServerName SB24Admin
        ErrorLog /var/log/apache2/admin_error_log
        CustomLog /var/log/apache2/admin-access_log combined
        <Directory "/usr/local/tomcat1/webapps/SB24_Admin">
            SSLRequireSSL
            Order Deny,Allow
            Allow from All
        </Directory>
        JkMount /* worker2
        DirectoryIndex home.xhtml
        ErrorDocument 400 /error.xhtml
        ErrorDocument 401 /error.xhtml
        ErrorDocument 403 /error.xhtml
        ErrorDocument 404 /error.xhtml
        ErrorDocument 405 /error.xhtml
        ErrorDocument 408 /error.xhtml
        ErrorDocument 410 /error.xhtml
        ErrorDocument 411 /error.xhtml
        ErrorDocument 412 /error.xhtml
        ErrorDocument 413 /error.xhtml
        ErrorDocument 414 /error.xhtml
        ErrorDocument 415 /error.xhtml
        ErrorDocument 500 /error.xhtml
        ErrorDocument 501 /error.xhtml
        ErrorDocument 502 /error.xhtml
        ErrorDocument 503 /error.xhtml
        ErrorDocument 506 /error.xhtml
        SSLEngine on
        #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
        SSLCipherSuite ALL:!ADH:!EXPORT56:+SSLv3:TLSv1
        SSLCertificateFile /etc/apache2/ssl.crt/sb24.crt
        SSLCertificateKeyFile /etc/apache2/ssl.key/sb24.key
        <Files ~ "\.(cgi|shtml|phtml|php3?)$">
            SSLOptions +StdEnvVars
        </Files>
        <Directory "/srv/www/cgi-bin">
            SSLOptions +StdEnvVars
        </Directory>
        SetEnvIf User-Agent ".*MSIE.*" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
        CustomLog /var/log/apache2/ssl_request_log ssl_combined
        SetEnv HTTPS on
        SetEnv SERVER_PORT 443
    </VirtualHost>

You can only do this if both your server and the web browser support Server Name Indication (SNI). See this Apache page for details.

http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2

If you are not running a recent Apache (greater than 2.2.12), you cannot run multiple SSL sites with different SSL certificates on the same IP and port (443).

There is also the wildcard SSL option, but this is only useful for hosting virtual hosts such as:

subdomain1.mybadger.com
subdomain2.mybadger.com
subdomain3.mybadger.com

Use gnutls instead of SSL. See this page for details:

http://www.howtoforge.com/hosting-multiple-ssl-web-sites-on-one-ip-address-with-apache-2.2-and-gnutls-debian-lenny

Also, some reverse proxies will let you accomplish the same thing.
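
What the SNI-based setup described in the answers above can look like for the two HTTPS sites in the question, as an added example that is not part of the original posts. The hostnames www.example.com and admin.example.com and the per-site certificate and key paths are placeholders. It assumes Apache 2.2.12 or later built with SNI support and that `Listen 443` is already configured elsewhere.

```apache
# Added example. Hostnames and certificate/key paths are placeholders.
# SNI selects the vhost by the hostname the client sends in the TLS
# handshake, so ServerName must be the real DNS name of each site
# (not a label such as sample_Site or SB24Admin).
NameVirtualHost 196.196.1.117:443

# Refuse clients that do not send SNI, instead of silently serving them
# the first vhost below with a certificate issued for a different name.
SSLStrictSNIVHostCheck on

# The first vhost listed is the default for this IP:port.
<VirtualHost 196.196.1.117:443>
    ServerName www.example.com
    DocumentRoot "/usr/local/tomcat/webapps/ROOT"
    JkMount /* worker1
    SSLEngine on
    # Certificate whose subject matches www.example.com
    SSLCertificateFile    /etc/apache2/ssl.crt/www.example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/www.example.com.key
</VirtualHost>

<VirtualHost 196.196.1.117:443>
    ServerName admin.example.com
    DocumentRoot "/usr/local/tomcat1/webapps/SB24_Admin"
    JkMount /* worker2
    SSLEngine on
    # Separate certificate and key for the admin site
    SSLCertificateFile    /etc/apache2/ssl.crt/admin.example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl.key/admin.example.com.key
</VirtualHost>

# Verification after reload:
#   apachectl -S
#     should list both names under 196.196.1.117:443
#   openssl s_client -connect 196.196.1.117:443 -servername admin.example.com
#     should present the admin.example.com certificate, not the default one
```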