Как настроить apache+vhost+ssl? Проблема с подключением ssl
Добрый день. Решил настроить phpmyadmin для ips с ssl в виде субдомена. Вот мои файлы настроек
/etc/apache2/sites-available/phpmyadmin
/** * GeSHi (C) 2004 - 2007 Nigel McNie, 2007 - 2008 Benny Baumann * (http://qbnz.com/highlighter/ and http://geshi.org/) */ .xml.geshi_code {font-family:monospace;} .xml.geshi_code .imp {font-weight: bold; color: red;} .xml.geshi_code .es0 {color: #000099; font-weight: bold;} .xml.geshi_code .br0 {color: #66cc66;} .xml.geshi_code .sy0 {color: #66cc66;} .xml.geshi_code .st0 {color: #ff0000;} .xml.geshi_code .sc-1 {color: #808080; font-style: italic;} .xml.geshi_code .sc0 {color: #00bbdd;} .xml.geshi_code .sc1 {color: #ddbb00;} .xml.geshi_code .sc2 {color: #339933;} .xml.geshi_code .sc3 {color: #009900;} .xml.geshi_code .re0 {color: #000066;} .xml.geshi_code .re1 {color: #000000; font-weight: bold;} .xml.geshi_code .re2 {color: #000000; font-weight: bold;} .xml.geshi_code span.xtra { display:block; }
<IfModule mod_ssl.c>
<VirtualHost phpmyadmin.site.ru:443>
ServerAdmin admin@site.ru
ServerName phpmyadmin.site.ru
DocumentRoot /var/www/phpmyadmin
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/phpmyadmin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/phpmyadmin-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/phpmyadmin-access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
и сам сайт
/etc/apache2/sites-available/site
/** * GeSHi (C) 2004 - 2007 Nigel McNie, 2007 - 2008 Benny Baumann * (http://qbnz.com/highlighter/ and http://geshi.org/) */ .xml.geshi_code {font-family:monospace;} .xml.geshi_code .imp {font-weight: bold; color: red;} .xml.geshi_code .es0 {color: #000099; font-weight: bold;} .xml.geshi_code .br0 {color: #66cc66;} .xml.geshi_code .sy0 {color: #66cc66;} .xml.geshi_code .st0 {color: #ff0000;} .xml.geshi_code .sc-1 {color: #808080; font-style: italic;} .xml.geshi_code .sc0 {color: #00bbdd;} .xml.geshi_code .sc1 {color: #ddbb00;} .xml.geshi_code .sc2 {color: #339933;} .xml.geshi_code .sc3 {color: #009900;} .xml.geshi_code .re0 {color: #000066;} .xml.geshi_code .re1 {color: #000000; font-weight: bold;} .xml.geshi_code .re2 {color: #000000; font-weight: bold;} .xml.geshi_code span.xtra { display:block; }
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/site.ru
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/site.ru>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^(.*) http://site.ru$1 [L,R]
</IfModule>
ErrorLog /var/log/apache2/site.ru-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/site.ru-access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName site.ru
DocumentRoot /var/www/site.ru
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/site.ru>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/site.ru-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/site.ru-access.log combined
</VirtualHost>
Как должно работать...
https://phpmyadmin.site.ru - открывается phpmyadmin
http://IP/ https://IP/ http://site.ru https://site.ru - открывается сайт
На деле выходит то что при любом запросе по https (https://IP/ или https://site.ru) он открывает phpmyadmin, чего быть не должно!!! Как настроить правильно сервак чтоб все запросы редиректили на http://site.ru, и только https://phpmyadmin.site.ru открывал phpmyadmin?
/etc/apache2/sites-available/phpmyadmin
/** * GeSHi (C) 2004 - 2007 Nigel McNie, 2007 - 2008 Benny Baumann * (http://qbnz.com/highlighter/ and http://geshi.org/) */ .xml.geshi_code {font-family:monospace;} .xml.geshi_code .imp {font-weight: bold; color: red;} .xml.geshi_code .es0 {color: #000099; font-weight: bold;} .xml.geshi_code .br0 {color: #66cc66;} .xml.geshi_code .sy0 {color: #66cc66;} .xml.geshi_code .st0 {color: #ff0000;} .xml.geshi_code .sc-1 {color: #808080; font-style: italic;} .xml.geshi_code .sc0 {color: #00bbdd;} .xml.geshi_code .sc1 {color: #ddbb00;} .xml.geshi_code .sc2 {color: #339933;} .xml.geshi_code .sc3 {color: #009900;} .xml.geshi_code .re0 {color: #000066;} .xml.geshi_code .re1 {color: #000000; font-weight: bold;} .xml.geshi_code .re2 {color: #000000; font-weight: bold;} .xml.geshi_code span.xtra { display:block; }
<IfModule mod_ssl.c>
<VirtualHost phpmyadmin.site.ru:443>
ServerAdmin admin@site.ru
ServerName phpmyadmin.site.ru
DocumentRoot /var/www/phpmyadmin
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/phpmyadmin/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/phpmyadmin-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/phpmyadmin-access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
и сам сайт
/etc/apache2/sites-available/site
/** * GeSHi (C) 2004 - 2007 Nigel McNie, 2007 - 2008 Benny Baumann * (http://qbnz.com/highlighter/ and http://geshi.org/) */ .xml.geshi_code {font-family:monospace;} .xml.geshi_code .imp {font-weight: bold; color: red;} .xml.geshi_code .es0 {color: #000099; font-weight: bold;} .xml.geshi_code .br0 {color: #66cc66;} .xml.geshi_code .sy0 {color: #66cc66;} .xml.geshi_code .st0 {color: #ff0000;} .xml.geshi_code .sc-1 {color: #808080; font-style: italic;} .xml.geshi_code .sc0 {color: #00bbdd;} .xml.geshi_code .sc1 {color: #ddbb00;} .xml.geshi_code .sc2 {color: #339933;} .xml.geshi_code .sc3 {color: #009900;} .xml.geshi_code .re0 {color: #000066;} .xml.geshi_code .re1 {color: #000000; font-weight: bold;} .xml.geshi_code .re2 {color: #000000; font-weight: bold;} .xml.geshi_code span.xtra { display:block; }
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/site.ru
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/site.ru>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^(.*) http://site.ru$1 [L,R]
</IfModule>
ErrorLog /var/log/apache2/site.ru-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/site.ru-access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName site.ru
DocumentRoot /var/www/site.ru
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/site.ru>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/site.ru-error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/site.ru-access.log combined
</VirtualHost>
Как должно работать...
https://phpmyadmin.site.ru - открывается phpmyadmin
http://IP/ https://IP/ http://site.ru https://site.ru - открывается сайт
На деле выходит то что при любом запросе по https (https://IP/ или https://site.ru) он открывает phpmyadmin, чего быть не должно!!! Как настроить правильно сервак чтоб все запросы редиректили на http://site.ru, и только https://phpmyadmin.site.ru открывал phpmyadmin?
1 ответов
Ух. Нашел выход
/etc/apache2/ports.conf
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
NameVirtualHost *:443
Listen 443
</IfModule>
/etc/apache2/sites-available/vhost-443
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin admin@site.ru
DocumentRoot "/var/www/site.ru"
<Directory />
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) http://%{HTTP_HOST}%{REQUEST_URI}
</IfModule>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
<VirtualHost *:443>
ServerName phpmyadmin.site.ru
ServerAdmin admin@site.ru
DocumentRoot "/var/www/phpmyadmin"
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>
</IfModule>
/etc/apache2/sites-available/vhost-80
<VirtualHost *:80>
ServerName site.ru
ServerAdmin admin@site.ru
DocumentRoot "/var/www/site.ru"
ErrorLog "/var/log/apache2/site.ru-error.log"
TransferLog "/var/log/apache2/site.ru-access.log"
</VirtualHost>