在Apache上为Django应用程序配置SSL证书(mod_wsgi)

时间:2022-09-17 07:48:14

I've purchased a SSL certificate from namecheap.com and placed the required files on my Ubuntu server (key & crt's). I'm using mod_wsgi to serve my Django application with Apache. I'm having issues installing the SSL certificate.

我从namecheap.com购买了SSL证书,并将所需文件放在我的Ubuntu服务器上(key&crt's)。我正在使用mod_wsgi来为Apache提供Django应用程序。我在安装SSL证书时遇到问题。

Current Configuration (/etc/apache2/sites-available/000-default.conf)

当前配置(/etc/apache2/sites-available/000-default.conf)

<VirtualHost *:80>
        ServerAdmin admin@example.com
        #DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        #Django Application
        Alias /static /home/Django/professor/static_root
        <Directory /home/Django/professor/static_root>
                Require all granted
        </Directory>
        <Directory /home/Django/professor/professor>
                <Files wsgi.py>
                        Require all granted
                </Files>
        </Directory>

        WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages
        WSGIProcessGroup professor
        WSGIScriptAlias / /home/Django/professor/professor/wsgi.py

        #ServerName example.com
        #SSLEngine on
        #SSLCertificateFile /etc/apache2/ssl/server.crt
        #SSLCertificateKeyFile /etc/apache2/ssl/server.key
        #SSLCACertificateFile /etc/apache2/ssl/intermediate.crt

</VirtualHost>

I've commented out the lines for the SSL certificate. Currently, my application is running fine but when I uncomment the lines to enable to SSL certificate my site serves the files from /var/www and not the application. Any ideas?

我已经注释掉了SSL证书的行。目前,我的应用程序运行正常但是当我取消注释行以启用SSL证书时,我的站点提供来自/ var / www而不是应用程序的文件。有任何想法吗?

2 个解决方案

#1

17  

Your problem is that your apache is only configured for port 80, hence it doesn't serve pages over https (port 443).

您的问题是您的apache仅配置为端口80,因此它不通过https(端口443)提供页面。

For this example I assume you want to serve your website only over https, so here is how your config should approximately look like.

对于这个例子,我假设你只想通过https服务你的网站,所以这里是你的配置应该是什么样子。

Here is your: 000-default.conf

这是你的:000-default.conf

<VirtualHost *:80>
    ServerName example.com
    ServerAdmin admin@example.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # This is optional, in case you want to redirect people 
    # from http to https automatically.
    RewriteEngine On
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

</VirtualHost>

Now here is default-ssl.conf:

现在这里是default-ssl.conf:

<VirtualHost *:443>
    ServerName example.com
    ServerAdmin admin@example.com

    # Django Application
    Alias /static /home/Django/professor/static_root
    <Directory /home/Django/professor/static_root>
        Require all granted
    </Directory>

    <Directory /home/Django/professor/professor>
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>

    WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages
    WSGIProcessGroup professor
    WSGIScriptAlias / /home/Django/professor/professor/wsgi.py


    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key
    SSLCACertificateFile /etc/apache2/ssl/intermediate.crt

</VirtualHost>

After configuration is done, we need to turn on the ssl site and (optionally) rewrite mod:

配置完成后,我们需要打开ssl站点并(可选)重写mod:

> sudo a2ensite default-ssl
> sudo a2enmod rewrite
> sudo service apache2 reload

#2

1  

to complete Alexey's answer, when i faced the problem i had to disable the 000-default.conf site and use only ssl configuration

完成Alexey的答案,当我遇到问题时,我必须禁用000-default.conf站点并仅使用ssl配置

#1

17  

Your problem is that your apache is only configured for port 80, hence it doesn't serve pages over https (port 443).

您的问题是您的apache仅配置为端口80,因此它不通过https(端口443)提供页面。

For this example I assume you want to serve your website only over https, so here is how your config should approximately look like.

对于这个例子,我假设你只想通过https服务你的网站,所以这里是你的配置应该是什么样子。

Here is your: 000-default.conf

这是你的:000-default.conf

<VirtualHost *:80>
    ServerName example.com
    ServerAdmin admin@example.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # This is optional, in case you want to redirect people 
    # from http to https automatically.
    RewriteEngine On
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

</VirtualHost>

Now here is default-ssl.conf:

现在这里是default-ssl.conf:

<VirtualHost *:443>
    ServerName example.com
    ServerAdmin admin@example.com

    # Django Application
    Alias /static /home/Django/professor/static_root
    <Directory /home/Django/professor/static_root>
        Require all granted
    </Directory>

    <Directory /home/Django/professor/professor>
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>

    WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages
    WSGIProcessGroup professor
    WSGIScriptAlias / /home/Django/professor/professor/wsgi.py


    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key
    SSLCACertificateFile /etc/apache2/ssl/intermediate.crt

</VirtualHost>

After configuration is done, we need to turn on the ssl site and (optionally) rewrite mod:

配置完成后,我们需要打开ssl站点并(可选)重写mod:

> sudo a2ensite default-ssl
> sudo a2enmod rewrite
> sudo service apache2 reload

#2

1  

to complete Alexey's answer, when i faced the problem i had to disable the 000-default.conf site and use only ssl configuration

完成Alexey的答案,当我遇到问题时,我必须禁用000-default.conf站点并仅使用ssl配置

标签:

相关文章