1. 首页
  2. 问答
  3. 配置SSL证书在Apache Django的应用程序(mod_wsgi的)

配置SSL证书在Apache Django的应用程序(mod_wsgi的)

2015-09-27 85 views
4

我已经购买从namecheap.com一个SSL证书,并把我的Ubuntu服务器上的所需文件(关键& CRT的)。我使用mod_wsgi来为我的Django应用程序提供Apache服务。我在安装SSL证书时遇到问题。配置SSL证书在Apache Django的应用程序(mod_wsgi的)

当前配置(/etc/apache2/sites-available/000-default.conf)

<VirtualHost *:80> 
     ServerAdmin [email protected] 
     #DocumentRoot /var/www/html 

     ErrorLog ${APACHE_LOG_DIR}/error.log 
     CustomLog ${APACHE_LOG_DIR}/access.log combined 

     #Django Application 
     Alias /static /home/Django/professor/static_root 
     <Directory /home/Django/professor/static_root> 
       Require all granted 
     </Directory> 
     <Directory /home/Django/professor/professor> 
       <Files wsgi.py> 
         Require all granted 
       </Files> 
     </Directory> 

     WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages 
     WSGIProcessGroup professor 
     WSGIScriptAlias//home/Django/professor/professor/wsgi.py 

     #ServerName example.com 
     #SSLEngine on 
     #SSLCertificateFile /etc/apache2/ssl/server.crt 
     #SSLCertificateKeyFile /etc/apache2/ssl/server.key 
     #SSLCACertificateFile /etc/apache2/ssl/intermediate.crt 

</VirtualHost>

我注释掉的SSL证书的线条。目前,我的应用程序运行良好,但是当我取消注释启用SSL证书的行时,我的站点从/ var/www而不是应用程序提供文件。有任何想法吗?

来源

2015-09-27 Kosuke Miyagi

回答

14

你的问题是,你的Apache配置为仅针对80端口,因此它不会成为网页上https(端口443)。

在这个例子中我假设你想只通过https服务于自己的网站,这里是如何你的配置应该大致模样。

这里是你的:000-default.conf

<VirtualHost *:80> 
    ServerName example.com 
    ServerAdmin [email protected] 

    ErrorLog ${APACHE_LOG_DIR}/error.log 
    CustomLog ${APACHE_LOG_DIR}/access.log combined 

    # This is optional, in case you want to redirect people 
    # from http to https automatically. 
    RewriteEngine On 
    RewriteCond %{SERVER_PORT} !^443$ 
    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L] 

</VirtualHost>

现在这里是default-ssl.conf

<VirtualHost *:443> 
    ServerName example.com 
    ServerAdmin [email protected] 

    # Django Application 
    Alias /static /home/Django/professor/static_root 
    <Directory /home/Django/professor/static_root> 
     Require all granted 
    </Directory> 

    <Directory /home/Django/professor/professor> 
     <Files wsgi.py> 
      Require all granted 
     </Files> 
    </Directory> 

    WSGIDaemonProcess professor python-path=/home/Django/professor:/home/Django/professor-vm/lib/python2.7/site-packages 
    WSGIProcessGroup professor 
    WSGIScriptAlias//home/Django/professor/professor/wsgi.py 


    SSLEngine on 
    SSLCertificateFile /etc/apache2/ssl/server.crt 
    SSLCertificateKeyFile /etc/apache2/ssl/server.key 
    SSLCACertificateFile /etc/apache2/ssl/intermediate.crt 

</VirtualHost>

配置完成后,我们需要打开SSL站点和(可选)重写MOD:

> sudo a2ensite default-ssl 
> sudo a2enmod rewrite 
> sudo service apache2 reload

来源

2015-09-28 04:14:59

+0

我已完成上述但由于某种原因有无限重定向循环列出的变化。有任何想法吗?我相信它与我们的重写配置有关。 –

+0

已修复,这是由于CloudFlare SSL欺骗Apache配置。感谢所有的帮助:) –

+2

@KosukeMiyagi,真棒,乐于帮助。不要忘记接受答案。 :) –

0

完成阿列克谢的答案,当我面临的问题,我牛逼O禁止000-default.conf网站,并只使用SSL配置

来源

2017-09-17 02:20:49 leila

相关问题

 相关问题