Apache 忽略具有多个 SSL 域的 documentroot
Apache ignoring documentroot with multiple SSL domains
我在这里扯头发。
我有 Apache 运行 两个不同的域 运行 使用 SNI 的 SSL。
配置如下。
如果我连接到 console.somedomain.com,它会将用户置于 /var/www/html/ 而不是 /var/www/html/somedomain/Admin/adminv4/
但是,如果我连接到 support1.somedomain.com,它工作正常并且位于正确的目录中。
地球哪里出了问题?目录有效。
<VirtualHost *:443>
DocumentRoot "/var/www/html/somedomain/Admin/adminv4/"
ServerName console.somedomain.com
SSLEngine On
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/console.somedomain.com/console.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/console.somedomain.com/console.somedomain.com.key
<Directory "/var/www/html/somedomain/Admin/adminv4/">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
#
#
#NameVirtualHost support1.somedomain.com:443
<VirtualHost *:443>
DocumentRoot "/var/www/html/somedomain/"
ServerName support1.somedomain.com
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/support1_somedomain_com/support1.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/support1_somedomain_com/support1.somedomain.com.key
SSLCertificateChainFile /etc/httpd/ssl/support1_somedomain_com/latest.ca-bundle
<Directory "/var/www/html/somedomain/">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
已修复。
执行此命令后结果:
apachectl -t -D DUMP_VHOSTS
*:443 是一个 NameVirtualHost
默认服务器 console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
端口 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
端口 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441)
端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441)
端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455)
端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455)
显示在 ssl.conf 中引用了控制台。
看了之后,SSL.conf只有默认的ssl。
然后我记得我的实际系统主机名是 console.somedomain.com
所以,
我删除了默认值(反正我不想要 SSL 上的任何其他东西。只是我定义的虚拟主机。)
重新启动了 apache,现在它可以工作了:
apachectl -t -D DUMP_VHOSTS
*:443 是一个 NameVirtualHost
默认服务器 support1.somedomain.com (/etc/httpd/conf/httpd.conf:444)
端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:444)
端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:444)
端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:458)
端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:458)
我在这里扯头发。
我有 Apache 运行 两个不同的域 运行 使用 SNI 的 SSL。
配置如下。 如果我连接到 console.somedomain.com,它会将用户置于 /var/www/html/ 而不是 /var/www/html/somedomain/Admin/adminv4/
但是,如果我连接到 support1.somedomain.com,它工作正常并且位于正确的目录中。
地球哪里出了问题?目录有效。
<VirtualHost *:443>
DocumentRoot "/var/www/html/somedomain/Admin/adminv4/"
ServerName console.somedomain.com
SSLEngine On
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/console.somedomain.com/console.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/console.somedomain.com/console.somedomain.com.key
<Directory "/var/www/html/somedomain/Admin/adminv4/">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
#
#
#NameVirtualHost support1.somedomain.com:443
<VirtualHost *:443>
DocumentRoot "/var/www/html/somedomain/"
ServerName support1.somedomain.com
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/support1_somedomain_com/support1.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/support1_somedomain_com/support1.somedomain.com.key
SSLCertificateChainFile /etc/httpd/ssl/support1_somedomain_com/latest.ca-bundle
<Directory "/var/www/html/somedomain/">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
已修复。
执行此命令后结果:
apachectl -t -D DUMP_VHOSTS
*:443 是一个 NameVirtualHost 默认服务器 console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56) 端口 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56) 端口 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56) 端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441) 端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441) 端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455) 端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455)
显示在 ssl.conf 中引用了控制台。
看了之后,SSL.conf只有默认的ssl。
然后我记得我的实际系统主机名是 console.somedomain.com
所以, 我删除了默认值(反正我不想要 SSL 上的任何其他东西。只是我定义的虚拟主机。)
重新启动了 apache,现在它可以工作了: apachectl -t -D DUMP_VHOSTS *:443 是一个 NameVirtualHost 默认服务器 support1.somedomain.com (/etc/httpd/conf/httpd.conf:444) 端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:444) 端口 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:444) 端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:458) 端口 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:458)