Ubuntu 20.04 LAMP 和 WP 多站点的 OpenSSL 配置

问题： 如何将 1 个 OpenSSL 证书应用于 html 目录中的所有网站？ 问题：访问时https://localhost.site1.com或https://localhost.site2.com只显示index.html位于/var/www/html/index.html因为default-ssl.conf文档根目录是/var/www/html/

我有 2 个 wordpress 多站点（和其他站点）位于/var/www/html/：

/var/www/html/site1.com

和

/var/www/html/site2.com

在我的default-ssl.conf我有：

<IfModule mod_ssl.c>
<VirtualHost _default_:443>
    ServerAdmin [email protected]
    ServerName localhost
    ServerAlias localhost

    DocumentRoot /var/www/html/
    
    ErrorLog ${APACHE_LOG_DIR}/localhost.error.log
    CustomLog ${APACHE_LOG_DIR}/localhost.access.log combined

            SSLEngine on
    SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    
    #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
    <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
            DirectoryIndex index.php
            AllowOverride All
            Order allow,deny
            Allow from all
            Require all granted
    </Directory>

    #   Similarly, one has to force some clients to use HTTP/1.0 to workaround
    #   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
    #   "force-response-1.0" for this.
      BrowserMatch "MSIE [2-6]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0

</VirtualHost>
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

在我的/etc/hosts文件中，我有：

127.0.1.1   excalibur
127.0.0.1   localhost 
127.0.0.1   localhost.site1.com *.localhost.site1.com   # mainsite url
127.0.0.1   subsite-a.localhost.site1.com   
127.0.0.1   subsite-b.localhost.site1.com
127.0.0.1   subsite-c.localhost.site1.com

127.0.0.1   localhost.site2.com *.localhost.site2.com   # mainsite url

site1.com 的虚拟主机包含：

    <VirtualHost *:80>

    ServerName localhost.site1.com 
    ServerAlias www.localhost.site1.com
    
    # If this is the default configuration file we can use: 'ServerName localhost' or also 'ServerAlias localhost'.

    ServerAdmin [email protected]

    ErrorLog ${APACHE_LOG_DIR}/localhost.site1.com.error.log
    CustomLog ${APACHE_LOG_DIR}/localhost.site1.com.access.log combined

    DocumentRoot /var/www/html/site1.com
    
    <Directory /var/www/html/site1.com>
        Options None FollowSymLinks
        # Enable .htaccess Overrides:
        AllowOverride All
        DirectoryIndex index.php
        Order allow,deny
        Allow from all
        Require all granted
    </Directory>

    <Directory /var/www/html/site1.com/wp-content>
        Options FollowSymLinks
        Order allow,deny
        Allow from all
    </Directory>
    
    
   SSLEngine on
   SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
   SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key

</VirtualHost>

site2.com 的虚拟主机包含：

    <VirtualHost *:80>

    ServerName localhost.site2.com
    ServerAlias www.localhost.site2.com
    
    # If this is the default configuration file we can use: 'ServerName localhost' or also 'ServerAlias localhost'.

    ServerAdmin [email protected]

    ErrorLog ${APACHE_LOG_DIR}/localhost.site2.com.error.log
    CustomLog ${APACHE_LOG_DIR}/localhost.site2.com.access.log combined

    DocumentRoot /var/www/html/site2.com
    
    <Directory /var/www/html/site2.com>
        Options None FollowSymLinks
        # Enable .htaccess Overrides:
        AllowOverride All
        DirectoryIndex index.php
        Order allow,deny
        Allow from all
        Require all granted
    </Directory>

    <Directory /var/www/html/site2.com/wp-content>
        Options FollowSymLinks
        Order allow,deny
        Allow from all
    </Directory>
    
   SSLEngine on
   SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt
   SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key
   
</VirtualHost>

有小费吗？