2013年8月1日 星期四

CenOS6 Apache SSL Multi Virtual Host (fix the "_default_ VirtualHost overlap on port 443, the first has precedence" problem)


yum install mod_ssl openssl

# 產生私鑰
openssl genrsa -out ca.key 1024 

# 產生 CSR
openssl req -new -key ca.key -out ca.csr

# 產生自我簽署的金鑰
openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

# 複製檔案至正確位置
chmod go-r ca.* 
cp ca.crt /etc/pki/tls/certs
cp ca.key /etc/pki/tls/private/ca.key
cp ca.csr /etc/pki/tls/private/ca.csr
警告:如果你採用 SELinux,請確保你複製這些檔案而不是遷移它們。否則 Apache 將會投訴關於違漏了的憑證檔,因為它無法讀取這些擁有錯誤 SELinux 脈絡的憑證檔。




vim /etc/httpd/conf.d/ssl.conf

LoadModule ssl_module modules/mod_ssl.so


#important , to fix the _default_ VirtualHost overlap on port 443, the first has precedence problem
NameVirtualHost *:443  

#
# When we also provide SSL we have to listen to the
# the HTTPS port in addition.
#
Listen 0.0.0.0:443


沒有留言:

張貼留言