4

我目前在配置 MAMP 2 以将 SSL 与多个虚拟主机一起使用时遇到了麻烦(它与一个虚拟主机一起工作正常)。就我而言,它只会为 https-ssl.conf 文件中列出的第一个虚拟主机提供 SSL 连接。

在我的 httpd-vhosts.conf 文件中,我有几个虚拟主机设置,例如:

<VirtualHost *:80> 
    DocumentRoot "/Users/me/sites/something/" 
    ServerName something.local 
</VirtualHost>
<VirtualHost *:80> 
    DocumentRoot "/Users/me/sites/else/" 
    ServerName else.local 
</VirtualHost>

在我的 https-ssl.conf 文件中,我有几个虚拟主机设置,例如:

<VirtualHost *:443>
    DocumentRoot "/Users/me/sites/something"
    ServerName something.local:443
    ServerAdmin you@example.com
    ErrorLog "/Applications/MAMP/Library/logs/error_log"
    TransferLog "/Applications/MAMP/Library/logs/access_log"

    SSLEngine on

    #   SSL Cipher Suite:
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    #   Server Certificate:
    SSLCertificateFile "/Applications/MAMP/conf/apache/server.crt"
    #SSLCertificateFile "/Applications/MAMP/conf/apache/server-dsa.crt"

    #   Server Private Key:
    SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server.key"
    #SSLCertificateKeyFile "/Applications/MAMP/conf/apache/server-dsa.key"

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/Applications/MAMP/Library/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>

    #   SSL Protocol Adjustments:
    BrowserMatch ".*MSIE.*" \
             nokeepalive ssl-unclean-shutdown \
             downgrade-1.0 force-response-1.0

    #   Per-Server Logging:
    CustomLog "/Applications/MAMP/Library/logs/ssl_request_log" \
                  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>  
<VirtualHost *:443>
    DocumentRoot "/Users/me/sites/else"
    ServerName else.local:443
    ServerAdmin you@example.com
    ErrorLog "/Applications/MAMP/Library/logs/error_log"
    TransferLog "/Applications/MAMP/Library/logs/access_log"


    ........add'l config deleted......
</VirtualHost>

在 https-ssl.conf 中列出的第一个虚拟主机提供 SSL 支持,但在它之后没有列出任何虚拟主机( https://something.local 可以工作,但不是https://else.local)总是有效

任何帮助,将不胜感激!

4

3 回答 3

5

每个 IP 只能有一个 HTTPS 主机 - 这是 HTTPS 的限制。尝试<VirtualHost ip.ad.dr.es:443>使用不同的 IP 在每个 IP 上获取 HTTPS 主机。

于 2012-06-26T23:52:50.203 回答
2

.conf原始问题中的文件很接近但不完全在那里......

为了让 Apache 通过 SSL 识别不同的虚拟主机,您需要使用NameVirtualHost并关闭“Strict SNI”。本质上,您需要在httpd-ssl.conf文件顶部添加以下内容:

# Ensure that Apache listens on port 443
Listen 443

# Listen for virtual host requests on all IP addresses
NameVirtualHost *:443

# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off

然后确保您的每个虚拟主机节点都使用以下标记声明:

<VirtualHost *:443>

注意:您使用的浏览器也需要支持 SNI。

所有这些都取自 Apache 文档中的此页面: https ://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

于 2017-07-11T20:35:53.293 回答
1

httpd-vhost.conf如果包含,请尝试此操作httpd.conf

NameVirtualHost *:80
NameVirtualHost *:443

谢谢

于 2014-07-29T15:44:33.543 回答