多站点配置SSL:https://www.gworg.com/ssl/615.html
Apache配置SSL证书:1.修改目录/Apache2/conf/下的httpd.conf
将#LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
去掉注释:loadModule socache_shmcb_module modules/mod_socache_shmcb.so
将#LoadModule ssl_module modules/mod_ssl.so
去掉注释:LoadModule ssl_module modules/mod_ssl.so
(upupw 5.3该注释去除后如果无法启动无法环境,还需要去掉注释:
# LoadFile "C:/Users/Administrator/Desktop/UPUPW_AP5.3/PHP5/ssleay32.dll"
# LoadFile "C:/Users/Administrator/Desktop/UPUPW_AP5.3/PHP5/libeay32.dll"
将#Include conf/extra/httpd-ssl.conf
去掉注释:Include conf/extra/httpd-ssl.conf
保存并退出:httpd.conf
2.修改/Apache2/conf下的httpd-vhost.conf
粘贴下面内容:
<VirtualHost _default_:443> DocumentRoot "C:/web/UPUPW_AP7.0/vhosts/www.abc.com" ServerName www.abc.com:443 ServerAlias www.abc.com ServerAdmin webmaster@example.com DirectoryIndex index.html index.htm index.php default.php app.php u.php ErrorLog logs/example_error.log CustomLog logs/example_access.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" SSLEngine on SSLCertificateFile "C:/web/UPUPW_AP7.0/Apache2/conf/2_www.abc.crt" SSLCertificateKeyFile "C:/web/UPUPW_AP7.0/Apache2/conf/3_www.abc.key" SSLCertificateChainFile "C:/web/UPUPW_AP7.0/Apache2/conf/1_root_bundle.crt" <Directory "C:/web/UPUPW_AP7.0/vhosts/www.abc.com"> SSLOptions +StdEnvVars AllowOverride All Require all granted </Directory> <FilesMatch "\.(shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 </VirtualHost>
将DocumentRoot "C:/web/UPUPW_AP7.0/vhosts/www.abc.com"中的sslroot/路径改为你网站根目录的绝对路径:如C:/UPUPW_AP7.0/vhosts/www.abc.com (注意路径反斜杠方向)
同时修改证书内容,密钥的路径,SSLCertificateFile "C:/web/UPUPW_AP7.0/Apache2/conf/2_www.abc.com.crt"中的2_www.abc.com.crt改为你证书的绝对路径
SSLCertificateKeyFile "C:/web/UPUPW_AP7.0/Apache2/conf/3_www.abc.key"中的C:/web/UPUPW_AP7.0/Apache2/conf/3_www.abc.key改为你证书密钥的绝对路径。如果有证书链,则在下一行
加上SSLCertificateChainFile "C:/web/UPUPW_AP7.0/Apache2/conf/1_root_bundle.crt",记得修改证书链的路径。
如:
SSLCertificateFile ""C:/UPUPW_AP7.0/Apache2/conf/server.crt"
SSLCertificateKeyFile ""C:/UPUPW_AP7.0/Apache2/conf/server.key"
SSLCertificateChainFile "C:/UPUPW_AP7.0/Apache2/conf/chain.crt"
上面只是示例,按照你证书的路径修改。
保存并退出httpd-vhost.conf。
3.回到主面板,输入rr回车以重启Apache。
强制使用https:
需要整站跳转,则在网站的配置文件的<Directory>标签内,键入以下内容:
RewriteEngine on RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)?$ https://%{SERVER_NAME}/$1 [L,R]
可以用在.htaccess文件中。
如果对某个目录做https强制跳转,则复制以下代码:
RewriteEngine on RewriteBase /yourfolder RewriteCond %{SERVER_PORT} !^443$ # RewriteRule ^(.*)?$ https://%{SERVER_NAME}/$1 [L,R] RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]