Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
在解決問題之道上不斷前行
最近專案準備上了,順便紀錄一下掛載SSL時的設定。
Apache基本的SSL設定要開啟443,通常先設定httpd-ssl.conf之類的文檔,類似的教學與討論很多,就請自行找尋。範例如下。
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName localhost
ServerAlias localhost
DocumentRoot /var/www/html/omeka/
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
#啟動SSL
SSLEngine On
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
#這邊放pem與key
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
#記得要設定訪問的資料夾位置與權限
<Directory 你的網站資料夾位置>
Options FollowSymLinks
AllowOverride All
</Directory>
ErrorLog /var/log/apache2/omeka-error_log
CustomLog /var/log/apache2/omeka-access_log common
<IfModule mod_headers.c>
<filesmatch "\.(html)$">
Header set Cache-Control "no-cache"
</filesmatch>
</IfModule>
</VirtualHost>
</IfModule>
然後要在OmekaS的資料夾中找到htaccess ,加入以下設定。
RewriteEngine On
# Always redirect to https.
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]