所以我有一个使用 godaddy ssl 保护的子域。我想做的是保护标准的 443 端口和端口 2443,因此当访问https://secure.domain.com时,它应该是安全的,然后是在访问https://secure.domain 时。 com:2443它也是安全的。443 是标准站点,2443 是用于控制面板的。
我已将 ssl 条目添加到在 2443 下监听的虚拟主机中,但这并没有得到我想要的结果。我是新来的,谷歌并不是很有帮助。
这是在灯系统上。centos 6.4 apache2 可以这样吗?
继承人的虚拟主机配置:
<VirtualHost IP:80>
SuexecUserGroup PATH PATH
DocumentRoot /home/PATH/DOMAIN.COM/html
ServerName DOMAIN.COM
ServerAlias www.DOMAIN.COM ftp.DOMAIN.COM mail.DOMAIN.COM secure.DOMAIN.COM scripts.DOMAIN.COM
ServerAlias help.DOMAIN.COM
ServerAdmin [email protected]
# subdomain logic
RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_HOST} !^www\.tandgweb\.com [NC]
RewriteCond %{HTTP_HOST} !^PATH\.com [NC]
RewriteCond %{HTTP_HOST} ^([A-Z0-9a-z-.]+)\.PATH\.com [NC]
RewriteCond %{DOCUMENT_ROOT}/%1 -d
RewriteRule ^(.+) %{HTTP_HOST}/$1 [C]
RewriteRule ^([0-9A-Za-z-.]+)\.PATH\.com/?(.*)$ %{DOCUMENT_ROOT}/$1/$2 [L]
RewriteCond %{HTTP_HOST} ^www\.([A-Z0-9a-z-.]+)\.PATH\.com [NC]
RewriteCond %{DOCUMENT_ROOT}/%1 -d
RewriteRule ^(.+) %{HTTP_HOST}/$1 [C]
RewriteRule ^www\.([0-9A-Za-z-.]+)\.PATH\.com/?(.*)$ %{DOCUMENT_ROOT}/$1/$2 [L]
# end subdomain logic
ErrorLog /home/PATH/var/PATH.com/logs/error.log
CustomLog /home/PATH/var/PATH.com/logs/transfer.log combined
# php: default don't edit between this and the "end php" comment below
<IfModule mod_suphp.c>
suPHP_Engine On
suPHP_UserGroup PATH PATH
AddHandler x-httpd-php .php
suPHP_AddHandler x-httpd-php .php
suPHP_ConfigPath /home/PATH/etc
</IfModule>
<IfModule !mod_suphp.c>
<IfModule mod_php5.c>
php_admin_flag engine On
</IfModule>
<IfModule mod_php4.c>
php_admin_flag engine On
</IfModule>
</IfModule>
# end php
# cgi: 1 don't edit between this and the "end cgi" comment below
<Directory /home/PATH/PATH.com/html>
AllowOverride All
</Directory>
<Location />
Options +ExecCGI
</Location>
ScriptAlias /cgi-bin/ /home/PATH/PATH.com/html/cgi-bin/
# end cgi
<IfModule mod_interworx_settings.c>
# InterWorx adds this dummy module section to store settings
# There is no mod_interworx_settings module
# DO NOT DELETE
last_update 2014-01-10 00:10:18
iworx_controlled_ips IP:80
</IfModule>
</VirtualHost>
<VirtualHost IP:443>
SuexecUserGroup PATH PATH
DocumentRoot /home/PATH/PATH.com/html
ServerName PATH.com
ServerAlias www.PATH.com ftp.PATH.com mail.PATH.com secure.PATH.com scripts.PATH.com
ServerAlias help.PATH.com
ServerAdmin [email protected]
# subdomain logic
RewriteEngine On
RewriteOptions inherit
RewriteCond %{HTTP_HOST} !^www\.PATH\.com [NC]
RewriteCond %{HTTP_HOST} !^PATH\.com [NC]
RewriteCond %{HTTP_HOST} ^([A-Z0-9a-z-.]+)\.PATH\.com [NC]
RewriteCond %{DOCUMENT_ROOT}/%1 -d
RewriteRule ^(.+) %{HTTP_HOST}/$1 [C]
RewriteRule ^([0-9A-Za-z-.]+)\.PATH\.com/?(.*)$ %{DOCUMENT_ROOT}/$1/$2 [L]
RewriteCond %{HTTP_HOST} ^www\.([A-Z0-9a-z-.]+)\.PATH\.com [NC]
RewriteCond %{DOCUMENT_ROOT}/%1 -d
RewriteRule ^(.+) %{HTTP_HOST}/$1 [C]
RewriteRule ^www\.([0-9A-Za-z-.]+)\.PATH\.com/?(.*)$ %{DOCUMENT_ROOT}/$1/$2 [L]
# end subdomain logic
ErrorLog /home/PATH/var/PATH.com/logs/error.log
CustomLog /home/PATH/var/PATH.com/logs/transfer.log combined
# php: default don't edit between this and the "end php" comment below
<IfModule mod_suphp.c>
suPHP_Engine On
suPHP_UserGroup PATH PATH
AddHandler x-httpd-php .php
suPHP_AddHandler x-httpd-php .php
suPHP_ConfigPath /home/PATH/etc
</IfModule>
<IfModule !mod_suphp.c>
<IfModule mod_php5.c>
php_admin_flag engine On
</IfModule>
<IfModule mod_php4.c>
php_admin_flag engine On
</IfModule>
</IfModule>
# end php
# cgi: 1 don't edit between this and the "end cgi" comment below
<Directory /home/PATH/PATH.com/html>
AllowOverride All
</Directory>
<Location />
Options +ExecCGI
</Location>
ScriptAlias /cgi-bin/ /home/PATH/PATH.com/html/cgi-bin/
# end cgi
SSLEngine on
SSLHonorCipherOrder On
SSLCipherSuite RC4:HIGH:MEDIUM:!SSLv2:!ADH:!aNULL:!eNULL:!NULL:!LOW
SSLCACertificatePath /home/PATH/var/PATH.com/ssl
SSLCertificateKeyFile /home/PATH/var/PATH.com/ssl/PATH.com.priv.key
SSLCertificateFile /home/PATH/var/PATH.com/ssl/PATH.com.crt
SSLCACertificateFile /home/PATH/var/PATH.com/ssl/PATH.com.chain.crt
SSLOptions +ExportCertData +StrictRequire
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<IfModule mod_interworx_settings.c>
# InterWorx adds this dummy module section to store settings
# There is no mod_interworx_settings module
# DO NOT DELETE
last_update 2014-01-10 00:10:18
iworx_controlled_ips IP:443
</IfModule>
</VirtualHost>
<VirtualHost IP:2443>
SSLEngine on
SSLHonorCipherOrder On
SSLCipherSuite RC4:HIGaH:MEDIUM:!SSLv2:!ADH:!aNULL:!eNULL:!NULL:!LOW
SSLCACertificatePath /home/PATH/var/PATH.com/ssl
SSLCertificateKeyFile /home/PATH/var/PATH.com/ssl/PATH.com.priv.key
SSLCertificateFile /home/PATH/var/PATH.com/ssl/PATH.com.crt
SSLCACertificateFile /home/PATH/var/PATH.com/ssl/PATH.com.chain.crt
SSLOptions +ExportCertData +StrictRequire
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<strong></strong>
如this answer中所述,您可以让一个虚拟主机服务多个端点。
只需更改
<VirtualHost IP:443>
为<VirtualHost IP:443 IP:2443>
现在您在端口 443 和 2443 上获得相同的站点/虚拟主机
确保配置设置为侦听端口 2443: