在 Apache 上为 Django 应用程序配置 SSL 证书 (mod_wsgi) [英] Configure SSL Certificate on Apache for Django Application (mod_wsgi)

问题描述

我从 namecheap.com 购买了 SSL 证书，并将所需的文件放在我的 Ubuntu 服务器上(密钥和 crt).我正在使用 mod_wsgi 通过 Apache 为我的 Django 应用程序提供服务.我在安装 SSL 证书时遇到问题.

I've purchased a SSL certificate from namecheap.com and placed the required files on my Ubuntu server (key & crt's). I'm using mod_wsgi to serve my Django application with Apache. I'm having issues installing the SSL certificate.

当前配置(/etc/apache2/sites-available/000-default.conf)

Current Configuration (/etc/apache2/sites-available/000-default.conf)

<VirtualHost *:80>
        ServerAdmin admin@example.com
        #DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        #Django Application
        Alias /static /home/Django/professor/static_root
        <Directory /home/Django/professor/static_root>
                Require all granted
        </Directory>
        <Directory /home/Django/professor/professor>
                <Files wsgi.py>
                        Require all granted
                </Files>
        </Directory>

        WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages
        WSGIProcessGroup professor
        WSGIScriptAlias / /home/Django/professor/professor/wsgi.py

        #ServerName example.com
        #SSLEngine on
        #SSLCertificateFile /etc/apache2/ssl/server.crt
        #SSLCertificateKeyFile /etc/apache2/ssl/server.key
        #SSLCACertificateFile /etc/apache2/ssl/intermediate.crt

</VirtualHost>

我已注释掉 SSL 证书的行.目前，我的应用程序运行良好，但是当我取消注释启用 SSL 证书的行时，我的站点提供来自/var/www 而不是应用程序的文件.有任何想法吗?

I've commented out the lines for the SSL certificate. Currently, my application is running fine but when I uncomment the lines to enable to SSL certificate my site serves the files from /var/www and not the application. Any ideas?

推荐答案

您的问题是您的 apache 仅配置为端口 80，因此它不通过 https(端口 443)提供页面.

Your problem is that your apache is only configured for port 80, hence it doesn't serve pages over https (port 443).

在本例中，我假设您只想通过 https 为您的网站提供服务，因此您的配置大致如下所示.

For this example I assume you want to serve your website only over https, so here is how your config should approximately look like.

这是您的:000-default.conf

<VirtualHost *:80>
    ServerName example.com
    ServerAdmin admin@example.com

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # This is optional, in case you want to redirect people 
    # from http to https automatically.
    RewriteEngine On
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]

</VirtualHost>

现在是default-ssl.conf:

<VirtualHost *:443>
    ServerName example.com
    ServerAdmin admin@example.com

    # Django Application
    Alias /static /home/Django/professor/static_root
    <Directory /home/Django/professor/static_root>
        Require all granted
    </Directory>

    <Directory /home/Django/professor/professor>
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>

    WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages
    WSGIProcessGroup professor
    WSGIScriptAlias / /home/Django/professor/professor/wsgi.py


    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/server.crt
    SSLCertificateKeyFile /etc/apache2/ssl/server.key
    SSLCACertificateFile /etc/apache2/ssl/intermediate.crt

</VirtualHost>

配置完成后，我们需要开启ssl站点并(可选)重写mod:

After configuration is done, we need to turn on the ssl site and (optionally) rewrite mod:

> sudo a2ensite default-ssl
> sudo a2enmod rewrite
> sudo service apache2 reload

这篇关于在 Apache 上为 Django 应用程序配置 SSL 证书 (mod_wsgi)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！