Apache - 多个 SSL 问题
我在名为 virtualhosts.conf 的文件中定义了 2 个站点,在 httpd.conf 末尾加载。
它们的格式都是:
<VirtualHost IP:80>
DocumentRoot D:/Site/A/
...
</VirtualHost>
<VirtualHost IP:443>
DocumentRoot D:/Site/A/
...
</VirtualHost>
<VirtualHost IP__2:80>
DocumentRoot D:/Site/B/
...
</VirtualHost>
<VirtualHost IP__2:443>
DocumentRoot D:/Site/B/
...
</VirtualHost>
如果我加载 https://sitea.com,使用上述配置,它加载得很好。如果我使用上述配置加载 https://siteb.com ,它就会崩溃,说 siteb 将自己标识为 sitea 。如果我翻转条目的顺序:
<VirtualHost IP__2:80>
DocumentRoot D:/Site/B/
...
</VirtualHost>
<VirtualHost IP__2:443>
DocumentRoot D:/Site/B/
...
</VirtualHost>
<VirtualHost IP:80>
DocumentRoot D:/Site/A/
...
</VirtualHost>
<VirtualHost IP:443>
DocumentRoot D:/Site/A/
...
</VirtualHost>
现在,siteb 加载得很好,但 sitea 会抛出一个错误,表明它将自己标识为 siteb。
到底是怎么回事?看起来 Apache 默认为文件中的“顶部”条目,即使两者对于其域来说似乎都是有效的(如果它们是第一个)。
编辑: 我的 httpd.conf 的顶部:
Listen 80
Listen 443
NameVirtualHost IP.50:80
NameVirtualHost IP.50:443
NameVirtualHost IP.51:80
NameVirtualHost IP.51:443
NameVirtualHost IP.52:80
NameVirtualHost IP.52:443
NameVirtualHost IP.53:80
NameVirtualHost IP.53:443
NameVirtualHost IP.54:80
NameVirtualHost IP.54:443
NameVirtualHost IP.55:80
NameVirtualHost IP.55:443
NameVirtualHost IP.56:80
NameVirtualHost IP.56:443
I have 2 sites defined in a file called virtualhosts.conf, loaded at the end of httpd.conf.
They both have the format of:
<VirtualHost IP:80>
DocumentRoot D:/Site/A/
...
</VirtualHost>
<VirtualHost IP:443>
DocumentRoot D:/Site/A/
...
</VirtualHost>
<VirtualHost IP__2:80>
DocumentRoot D:/Site/B/
...
</VirtualHost>
<VirtualHost IP__2:443>
DocumentRoot D:/Site/B/
...
</VirtualHost>
If I load https://sitea.com, with the above config, it loads just fine. If I load https://siteb.com with the above config though, it breaks, saying that siteb is identifying itself as sitea. If I flip the order of the entries:
<VirtualHost IP__2:80>
DocumentRoot D:/Site/B/
...
</VirtualHost>
<VirtualHost IP__2:443>
DocumentRoot D:/Site/B/
...
</VirtualHost>
<VirtualHost IP:80>
DocumentRoot D:/Site/A/
...
</VirtualHost>
<VirtualHost IP:443>
DocumentRoot D:/Site/A/
...
</VirtualHost>
Now, siteb loads just fine, but sitea throws an error that it is identifying itself as siteb.
What is going on? It seems like Apache is defaulting to the 'top' entry in the file, even though both seem to be valid, for their domains, if they are first.
EDIT: The top of my httpd.conf:
Listen 80
Listen 443
NameVirtualHost IP.50:80
NameVirtualHost IP.50:443
NameVirtualHost IP.51:80
NameVirtualHost IP.51:443
NameVirtualHost IP.52:80
NameVirtualHost IP.52:443
NameVirtualHost IP.53:80
NameVirtualHost IP.53:443
NameVirtualHost IP.54:80
NameVirtualHost IP.54:443
NameVirtualHost IP.55:80
NameVirtualHost IP.55:443
NameVirtualHost IP.56:80
NameVirtualHost IP.56:443
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
SSL 在 HTTP 请求之前建立,服务器在收到请求时不知道要提供谁的证书。除了为每个安全域提供专用 IP 之外,这个问题没有通用的解决方案。顺便说一句,你的问题在 StackOverflow 上是偏离主题的。
SSL is established ahead of HTTP request and the server doesn't know whose certificate to present when it receives the request. This problem doesn't have general solution other than have a dedicated IP for each secure domain. And BTW your question is off-topic on StackOverflow.