自从过去3天以来,我一直面临一个奇怪的问题;在这里发布我的问题之前,我已经做了我需要做的一切.
我的httpd.conf如下所示:
NameVirtualHost *:443 Listen *:443 <VirtualHost server1.example.com:443> ServerName server1 #ServerName server1.example.com SSSLEngine on </VirtualHost>
SSL应用于server1.example.com,但是当我们访问网站后,它只能在ServerName server1上运行,而不能在ServerName server1.example.com上运行.我们在任何配置和网络文件中都没有server1.
因此,当我们这样做https://server1.example.com/xyz/ —它与ServerName server1一起使用但不能与ServerName server1.example.com一起使用.
这里的问题在哪里;我没有得到它. / etc / hosts,/ etc / sysconfig / network,我们没有server1;甚至在DNS中也是如此.
请建议.
这是我们在错误日志中得到的:
[Thu Nov 24 11:40:14 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!? [Thu Nov 24 11:40:14 2016] [notice] Digest: generating secret for digest authentication ... [Thu Nov 24 11:40:14 2016] [notice] Digest: done [Thu Nov 24 11:40:14 2016] [notice] SSL FIPS mode disabled [Thu Nov 24 11:40:14 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!? [Thu Nov 24 11:40:14 2016] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations [Thu Nov 24 11:49:47 2016] [notice] caught SIGTERM,shutting down [Thu Nov 24 11:49:47 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Nov 24 11:49:47 2016] [notice] SSL FIPS mode disabled [Thu Nov 24 11:49:47 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Nov 24 11:49:47 2016] [warn] RSA server certificate CommonName (CN) `server1' does NOT match server name!? [Thu Nov 24 11:49:47 2016] [notice] Digest: generating secret for digest authentication ... [Thu Nov 24 11:49:47 2016] [notice] Digest: done [Thu Nov 24 11:49:47 2016] [notice] SSL FIPS mode disabled [Thu Nov 24 11:49:47 2016] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Nov 24 11:49:47 2016] [warn] RSA server certificate CommonName (CN) `server1' does NOT match server name!? [Thu Nov 24 11:49:47 2016] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations [Thu Nov 24 11:55:19 2016] [notice] caught SIGTERM,shutting down [Thu Nov 24 11:55:20 2016] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Nov 24 11:55:20 2016] [notice] SSL FIPS mode disabled [Thu Nov 24 11:55:20 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!? [Thu Nov 24 11:55:20 2016] [notice] Digest: generating secret for digest authentication ... [Thu Nov 24 11:55:20 2016] [notice] Digest: done [Thu Nov 24 11:55:20 2016] [notice] SSL FIPS mode disabled [Thu Nov 24 11:55:20 2016] [warn] RSA server certificate CommonName (CN) `server1.example.com' does NOT match server name!? [Thu Nov 24 11:55:20 2016] [notice] Apache/2.2.3 (Red Hat) configured -- resuming normal operations
解决方法
尝试
<VirtualHost *:443> ServerName server1.example.com ServerAlias server1 SSLEngine on </VirtualHost>
您希望VirtualHost语句中的通配符关闭基于IP的vhost映射. http://httpd.apache.org/docs/2.4/vhosts/name-based.html
注意固定线(SSLEngine而不是SSSLEngine).
