ubuntu16.04服务器apache的ssl证书配置

时间:2023-12-27 09:33:49
背景:在腾讯云申请的免费证书1年,服务器ubuntu 16.04版本,我的是多域名

1、ssl模块的安装
sudo a2enmod ssl //开启apache ssl模块
a2ensite default-ssl //开启default ssl virtual host
sudo service apache2 restart //重启apache

2、将腾讯云的ssl证书下载解压后上传到服务器任意文件夹,如:/data/djlcxcn/sslcert

3、修改/etc/apache2/sites-available文件夹下000-default.conf,内容如下
<VirtualHost *:80>
ServerName djlcx.cn
ServerAlias www.djlcx.cn
<Directory /data/djlcxcn>
#AllowOverride伪静态
AllowOverride All
Require all granted
</Directory>
ServerAdmin webmaster@localhost
DocumentRoot /data/djlcxcn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#强制http转向为https
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}$1 [L,R]
</VirtualHost> #ssl证书的配置
<VirtualHost 0.0.0.0:443>
DocumentRoot "/data/djlcxcn"
ServerName djlcx.cn
ServerAlias www.djlcx.cn
<Directory /data/djlcxcn>
#AllowOverride伪静态
AllowOverride All
Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /data/djlcxcn/sslcert/2_djlcx.cn.crt
SSLCertificateKeyFile /data/djlcxcn/sslcert/3_djlcx.cn.key
SSLCertificateChainFile /data/djlcxcn/sslcert/1_root_bundle.crt
</VirtualHost>
4、重启apache
sudo service apache2 restart

测试域名:https://djlcx.cn