在 EC2 实例上设置 SSL 证书 [英] Setup an SSL certificate on an EC2 instance
问题描述
我很难在我的 EC2 微型实例上设置 SSL 证书(它是从 NameCheap 购买的 Comodo PositiveSSL)(我使用的是基于 CentOS 的 Amazon Linux AMI 2012.3,如果我没记错的话).
I'm having hard time trying to setup an SSL certificate (it's a Comodo PositiveSSL purshased from NameCheap) on my EC2 micro instance (I'm using Amazon Linux AMI 2012.3, which is based on CentOS if I'm not mistaken).
这就是我所做的:
我安装了 mod_ssl &OpenSSL
I installed mod_ssl & OpenSSL
我在 EC2 的实例安全组上启用了端口 443
I enabled port 443 on my EC2's instance security group
我修改了 *.key &*.crt 文件按照 Comodo 的建议保存到 777
I CHMODed the *.key & *.crt files to 777 as Comodo suggested
我确定 IP 地址 &文件路径正确(放一堆示例中为 0,但在我的 ssl.conf 中是正确的)
I'm certain the IP address & files path are correct (put a bunch of 0s in the example but it is correct in my ssl.conf)
我在 ssl.conf 中添加了这个 VirtualHost 条目
I added this VirtualHost entry to ssl.conf
<小时>
<VirtualHost 00.000.000.00:443>
############# I tried both with & without this section ##############
ServerName www.mydomain.com:443
ServerAlias www.mydomain.com
DocumentRoot /var/www
ServerAdmin webmaster@mydomain.com
######################################################################
SSLEngine on
SSLCertificateKeyFile /etc/ssl/mydomain_com.key
SSLCertificateFile /etc/ssl/mydomain_com.crt
SSLCertificateChainFile /etc/ssl/mydomain_com.ca-bundle
</VirtualHost>
<小时>
然后我重新启动了 apache...但我仍然无法访问 https://www.mydomain.com/ !!!
我检查了 ssltool.com,它说
The Common Name on the certificate is: ip-00-00-00-000
The certificate chain consists of:
SomeOrganization, ip-00-00-00-000. Expires on: Apr 10 13:39:41 2013 GMT - that's 363 days from today.
The site tested mydomain.com is NOT the same as the Subject CN ip-00-00-00-000!.
我什至去了 &将 VistualHost 复制到 httpd.conf 而不是 ssl.conf &重启了apache,一切都白费了.
I even went & copied the VistualHost to httpd.conf instead of ssl.conf & restarted apache, all in vain.
我这几天一直在用头撞墙.我很确定我错过了一个小东西来完成这项工作,我只是不知道到底是什么.
I've been banging my head against the wall for days now. I'm pretty sure I'm missing a tiny something to make this work, I just don't know what exactly.
如果有人能提出一些建议来完成这项工作,我将不胜感激!
I'd be infinitely grateful if someone can suggest something to make this work!
推荐答案
有时候这个部分
<VirtualHost _default_:443>
防止您的真实 SSL 证书被使用.如果是这种情况,请评论 VirtualHost default 或将 SSLCertificate* 属性移至它,即.
prevents your real SSL certificate from being used. If this is the case either comment VirtualHost default or move the SSLCertificate* attributes to it, ie.
<VirtualHost _default_:443>
SSLCertificateKeyFile /etc/ssl/mydomain_com.key
SSLCertificateFile /etc/ssl/mydomain_com.crt
SSLCertificateChainFile /etc/ssl/mydomain_com.ca-bundle
</VirtualHost>
确保在此之后重新启动 apache.
Make sure you restart apache after that.
这篇关于在 EC2 实例上设置 SSL 证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!