I'm using Apache/2.2.22 (Debian) on Google Compute Engine with a Wordpress Install (click-to-deploy).
我在Google Compute Engine上使用Apache / 2.2.22(Debian)和Wordpress安装(点击部署)。
I'm trying to setup an SSL certificate (https) for the Wordpress install. I've created a static IP, a private key, a CSR and have uploaded SSL & intermediate crt files (from freeSSL.com) to etc/apache2/ssl
(with the private key) and given this folder root:root
permission.
我正在尝试为Wordpress安装设置SSL证书(https)。我创建了一个静态IP,一个私钥,一个CSR,并已将SSL和中间crt文件(从freeSSL.com上传)上传到etc / apache2 / ssl(使用私钥),并给予此文件夹root:root权限。
I've followed https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-debian-7 and updated default-ssl config file as instructed (updating pathnames to .crt and .key files, ServerName and ServerAdmin).
我按照指示访问了https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-debian-7并更新了default-ssl配置文件(更新路径名为.crt和.key文件,ServerName和ServerAdmin)。
I ran a configtest (got syntax OK), enabled default-ssl and rebooted apache. When I visit https://domain
or https://ip-address
, I get a "This Webpage is Unavailable" error (ERR_CONNECTION_CLOSED). The wordpress install still loads ok on http.
我运行了configtest(语法正常),启用了default-ssl并重新启动了apache。当我访问https://域或https:// ip-address时,出现“此网页不可用”错误(ERR_CONNECTION_CLOSED)。 wordpress安装仍然在http上加载正常。
The SSL checker at https://www.digicert.com/help/ gives me a "no certificates found" error, although the certificates are there.
虽然证书在那里,但https://www.digicert.com/help/上的SSL检查程序给我“找不到证书”错误。
2 个解决方案
#1
Here's what worked for me;
这对我有用;
First attempt to enable HTTPS with the checkbox in the Compute | Compute Engine | VM Instances config settings. Should this fail with an error message you can add a firewall rule directly...
首先尝试使用Compute |中的复选框启用HTTPS计算引擎| VM实例配置设置。如果失败并显示错误消息,您可以直接添加防火墙规则...
On the Compute | Compute Engine | Networks page, select the 'default' network. Then under 'Firewall rules' click 'Add a new rule'. Use the following settings;
关于计算|计算引擎|在“网络”页面中,选择“默认”网络。然后在“防火墙规则”下单击“添加新规则”。使用以下设置;
Name: allow-https
IP Range: 0.0.0.0/0
Allowed Protocol/Ports: tcp:443
Target tags: http-server
All of the above is assuming that you have exhausted all the other apache configuration options (ports.conf, Virtual Hosts etc).
以上所有假设您已经用尽所有其他apache配置选项(ports.conf,虚拟主机等)。
#2
Here is the solution :
这是解决方案:
Install VM – WordPress (Solution provided by Google cloud servers), my OS is Debian 7 or Built in Google Wordpress.
安装VM - WordPress(由Google云服务器提供的解决方案),我的操作系统是Debian 7或内置于Google Wordpress。
Dot forgot to allow firewall at Google cloud console
Dot忘了允许在Google云控制台上安装防火墙
Allow HTTP traffic
Allow HTTPS traffic
Install Open SSH Key and access SSH (maybe using Putty)
安装Open SSH Key并访问SSH(可能使用Putty)
Connect/login ssh (using Putty) or other terminal
连接/登录ssh(使用Putty)或其他终端
Change user (SSL terminal)
更改用户(SSL终端)
$ sudo su
$ sudo su
now edit by vi/nano
现在由vi / nano编辑
# nano /etc/apache2/sites-available/default-ssl.conf
add this lines
添加这一行
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
Also all certificate details, which you might need to purchase form provider
还有所有证书详细信息,您可能需要购买表单提供程序
SSLCertificateFile /etc/a..../...../..../gulfstatesoftware_com.crt SSLCertificateKeyFile /etc/a..../...../..../gulfstatesoftware_com.key SSLCertificateChainFile /etc/a..../...../..../gulfstatesoftware_com.ca-bundle
SSLCertificateFile /etc/a..../...../..../gulfstatesoftware_com.crt SSLCertificateKeyFile /etc/a..../...../..../gulfstatesoftware_com.key SSLCertificateChainFile /等/一个.... / ..... / .... / gulfstatesoftware_com.ca束
and # key which doesn't required.
和#key不需要。
Save and exit.
保存并退出。
Run this commands in terminal :
在终端中运行以下命令:
sudo a2ensite default-ssl
service apache2 reload
sudo a2enmod ssl
service apache2 reload
sudo service apache2 restart
You might wants to fix Permalink : (www.example.com/my-blog-url), thats also in wordpress.conf file.
您可能想修复Permalink :( www.example.com/my-blog-url),也就是在wordpress.conf文件中。
- edit
# nano /etc/apache2/sites-available/wordpress.conf
Change :AllowOverride All
-
add .htaccess to /var/www/html
将.htaccess添加到/ var / www / html
<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule>
RewriteEngine On RewriteBase / RewriteRule ^ index \ .php $ - [L] RewriteCond%{REQUEST_FILENAME}!-f RewriteCond%{REQUEST_FILENAME}!-d RewriteRule。 /index.php [L]
编辑#nano /etc/apache2/sites-available/wordpress.conf更改:AllowOverride All
#1
Here's what worked for me;
这对我有用;
First attempt to enable HTTPS with the checkbox in the Compute | Compute Engine | VM Instances config settings. Should this fail with an error message you can add a firewall rule directly...
首先尝试使用Compute |中的复选框启用HTTPS计算引擎| VM实例配置设置。如果失败并显示错误消息,您可以直接添加防火墙规则...
On the Compute | Compute Engine | Networks page, select the 'default' network. Then under 'Firewall rules' click 'Add a new rule'. Use the following settings;
关于计算|计算引擎|在“网络”页面中,选择“默认”网络。然后在“防火墙规则”下单击“添加新规则”。使用以下设置;
Name: allow-https
IP Range: 0.0.0.0/0
Allowed Protocol/Ports: tcp:443
Target tags: http-server
All of the above is assuming that you have exhausted all the other apache configuration options (ports.conf, Virtual Hosts etc).
以上所有假设您已经用尽所有其他apache配置选项(ports.conf,虚拟主机等)。
#2
Here is the solution :
这是解决方案:
Install VM – WordPress (Solution provided by Google cloud servers), my OS is Debian 7 or Built in Google Wordpress.
安装VM - WordPress(由Google云服务器提供的解决方案),我的操作系统是Debian 7或内置于Google Wordpress。
Dot forgot to allow firewall at Google cloud console
Dot忘了允许在Google云控制台上安装防火墙
Allow HTTP traffic
Allow HTTPS traffic
Install Open SSH Key and access SSH (maybe using Putty)
安装Open SSH Key并访问SSH(可能使用Putty)
Connect/login ssh (using Putty) or other terminal
连接/登录ssh(使用Putty)或其他终端
Change user (SSL terminal)
更改用户(SSL终端)
$ sudo su
$ sudo su
now edit by vi/nano
现在由vi / nano编辑
# nano /etc/apache2/sites-available/default-ssl.conf
add this lines
添加这一行
<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
Also all certificate details, which you might need to purchase form provider
还有所有证书详细信息,您可能需要购买表单提供程序
SSLCertificateFile /etc/a..../...../..../gulfstatesoftware_com.crt SSLCertificateKeyFile /etc/a..../...../..../gulfstatesoftware_com.key SSLCertificateChainFile /etc/a..../...../..../gulfstatesoftware_com.ca-bundle
SSLCertificateFile /etc/a..../...../..../gulfstatesoftware_com.crt SSLCertificateKeyFile /etc/a..../...../..../gulfstatesoftware_com.key SSLCertificateChainFile /等/一个.... / ..... / .... / gulfstatesoftware_com.ca束
and # key which doesn't required.
和#key不需要。
Save and exit.
保存并退出。
Run this commands in terminal :
在终端中运行以下命令:
sudo a2ensite default-ssl
service apache2 reload
sudo a2enmod ssl
service apache2 reload
sudo service apache2 restart
You might wants to fix Permalink : (www.example.com/my-blog-url), thats also in wordpress.conf file.
您可能想修复Permalink :( www.example.com/my-blog-url),也就是在wordpress.conf文件中。
- edit
# nano /etc/apache2/sites-available/wordpress.conf
Change :AllowOverride All
-
add .htaccess to /var/www/html
将.htaccess添加到/ var / www / html
<IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule>
RewriteEngine On RewriteBase / RewriteRule ^ index \ .php $ - [L] RewriteCond%{REQUEST_FILENAME}!-f RewriteCond%{REQUEST_FILENAME}!-d RewriteRule。 /index.php [L]
编辑#nano /etc/apache2/sites-available/wordpress.conf更改:AllowOverride All