|
|
我在配置 apache+SSL 中出现了一个问题,望得到大家的热心帮助!
我在本地,使用同样的步骤,方式以及命令,使用 openssl 生成证书和公钥,并配置了 apache,且最终环境测试通过!
而在远程的公司服务器上配置,存在两种结果,均不成功:
第一种情况:在服务器上浏览器中 https://... 请求时也提示“不信任的证书”,我也点“查看”了,域名和我生成证书的域名一样,而当我点“继续”后,服务器就响应 HTTP 403,我的是 Windows 2003 的系统,我已经将相关文件以及目录为其分配了所有权限还是同样的错误!
第二种情况:在远程客户端浏览器中 https://... 请求时,没有响应,最终响应超时,域名解析是没问题的,http 是可以正常访问的!
我使用的是 Apache 2.2.8-win32-x86-openssl-0.9.8g,浏览器分别为 IE6(服务器上),IE7(客户端上)
相关的三个配置文件如下,文件内容除 httpd.conf 外,其它两个均完整!
另外请各位帮忙看看如下的主机环境配置能否正式上线向公众开放!
请多指教!
===================================================================================
apache.2.2.8/conf/httpd.conf 中的部分配置
===================================================================================
LoadModule ssl_module modules/mod_ssl.so
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
==========================================================
apache.2.2.8/conf/extra/httpd-vhosts.conf
==========================================================
NameVirtualHost *:80
<VirtualHost *:80>
<Directory "F:/Null">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName www.test.cn
ServerAdmin test@163.com
DocumentRoot F:/HTTP
<Directory "F:/HTTP">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName t.test.cn
ServerAdmin test@163.com
DocumentRoot F:/T
<Directory "F:/T">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName t.sports.com
ServerAdmin test@163.com
DocumentRoot F:/TSohu
<Directory "F:/TSohu">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
==========================================================
apache.2.2.8/conf/extra/httpd-ssl.conf
==========================================================
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/Program Files/Apache2.2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex default
<VirtualHost _default_:443>
DocumentRoot "F:/HTTPS"
ServerName www.test.cn:443
ServerAdmin susisoy@163.com
ErrorLog "D:/Program Files/Apache2.2/logs/error.log"
TransferLog "D:/Program Files/Apache2.2/logs/access.log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "D:/Program Files/Apache2.2/conf/server.crt"
SSLCertificateKeyFile "D:/Program Files/Apache2.2/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "D:/Program Files/Apache2.2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "D:/Program Files/Apache2.2/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost> |
|
IP卡
狗仔卡
发表于 2008-10-22 23:26:55
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡