阿里云apache部署https证书时出错

有运维或运维开发方面的需求,可以联系博主QQ 452336092或Email:admin#centos.bz(收费)

以下为阿里云ssl免费证书配置说明

文件说明:

  1. 证书文件214323522410239.pem,包含两段内容,请不要删除任何一段内容。

  2. 如果是证书系统创建的CSR,还包含:证书私钥文件214323522410239.key、证书公钥文件public.pem、证书链文件chain.pem。

( 1 ) 在Apache的安装目录下创建cert目录,并且将下载的全部文件拷贝到cert目录中。如果申请证书时是自己创建的CSR文件,请将对应的私钥文件放到cert目录下并且命名为214323522410239.key;

( 2 ) 打开 apache 安装目录下 conf 目录中的 httpd.conf 文件,找到以下内容并去掉“#”:

#LoadModule ssl_module modules/mod_ssl.so (如果找不到请确认是否编译过 openssl 插件)
#Include conf/extra/httpd-ssl.conf

( 3 ) 打开 apache 安装目录下 conf/extra/httpd-ssl.conf 文件 (也可能是conf.d/ssl.conf,与操作系统及安装方式有关), 在配置文件中查找以下配置语句:

# 添加 SSL 协议支持协议,去掉不安全的协议
SSLProtocol all -SSLv2 -SSLv3
# 修改加密套件如下
SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
SSLHonorCipherOrder on
# 证书公钥配置
SSLCertificateFile cert/public.pem
# 证书私钥配置
SSLCertificateKeyFile cert/214323522410239.key
# 证书链配置,如果该属性开头有 '#'字符,请删除掉
SSLCertificateChainFile cert/chain.pem

配置到 Include conf/extra/httpd-ssl.conf时apache崩溃

以下是错误信息,并非是端口被占用,conf.d下的ssl.conf的443端口改为其他的比如442 Apache报错的信息就变成了Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz httpd[8889]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:442

● httpd.service – The Apache HTTP Server

Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2017-11-07 16:06:58 CST; 779ms ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 8890 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE)
Process: 8889 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
Main PID: 8889 (code=exited, status=1/FAILURE)

Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz httpd[8889]: [Tue Nov 07 16:06:58.227637 2017] [so:warn] [pid 8889] AH01574: module ssl_module is already loaded, skipping
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz httpd[8889]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:443
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz httpd[8889]: no listening sockets available, shutting down
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz httpd[8889]: AH00015: Unable to open logs
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz kill[8890]: kill: cannot find process ""
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz systemd[1]: httpd.service: control process exited, code=exited status=1
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz systemd[1]: Failed to start The Apache HTTP Server.
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz systemd[1]: Unit httpd.service entered failed state.
Nov 07 16:06:58 iz2ze21pkduhss4dhzoonjz systemd[1]: httpd.service failed.

原文出处:thinkphp -> http://www.thinkphp.cn/topic/52793.html

打赏

如果此文对你有所帮助,请随意打赏鼓励作者^_^