Navigation überspringen

Harald Markus Wirth


Seiteninhalt:

Configuring Apache to use SSL (Port 443) and redirect https

After creating a SSL certificate, I had to invite Apache to the party. My vhost configuration looks roughly like this:

# This may be needed on another server one day:
#LoadModule ssl_module modules/mod_ssl.so

# According to Stack Overflow, we HAVE to use "NameVirtualHost IP:443", but I didn't need it:
#NameVirtualHost 11.22.33.44:443

<VirtualHost  11.22.33.44:443>
	ServerName www.domain.com
	ServerAdmin webmaster@domain.com

	DocumentRoot /srv/www/domain.com/htdocs/
	CustomLog    /srv/www/domain.com/logs/access.log common
	ErrorLog     /srv/www/domain.com/logs/error.log

	# This alias keeps the document root clean (This is not really part of the web site)
	Alias /srv/www/domain.com/htdocs/.well-known/acme-challenge/ /srv/www/domain.com/ssl/
	Alias /srv/www/domain.com/htdocs/stats/ /srv/www/domain.com/stats/

	# emerg/alert/crit/error/warn/notice/info/debug/trace1/.../trace8
	LogLevel warn

	# Make sure, Apache can access the following files:
	SSLEngine On
	SSLCertificateFile      "/srv/www/domain.com/ssl/www.domain.com.crt"
	SSLCertificateKeyFile   "/srv/www/domain.com/ssl/www.domain.com.key"
	SSLCertificateChainFile "/srv/www/domain.com/ssl/chain.crt"

	<Directory /srv/www/domain.com/htdocs/>
		Options +FollowSymLinks +Indexes
		AllowOverride All
		Order allow,deny
		Allow from all
		Require all granted

		#<FilesMatch "\.php[345]?$">
		#	SetHandler php-fcgi
		#</FilesMatch>
	</Directory>
</VirtualHost>

<VirtualHost 5.132.159.80:80>
        ServerName www.domain.com
	Redirect permanent / https://www.domain.com/
</VirtualHost>

On a server, that has ISPConfig installed, I had to comment out "Alias /.well-known/acme-challenge/ /usr/local/ispconfig/interface/acme/.well-known/acme-challenge/" in /etc/apache2/sites-enabled/000-ispconfig.conf in order to get past ISPConfig's stubborness and let everyone access this folder in MY document_root. Users have no access to ISPCongigs' folder!?



Content Management:

μCMS α1.6