Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

[OmekaS]關於設定Https

內容目錄

關於設定Https

最近專案準備上了,順便紀錄一下掛載SSL時的設定。

Apache設定

Apache基本的SSL設定要開啟443,通常先設定httpd-ssl.conf之類的文檔,類似的教學與討論很多,就請自行找尋。範例如下。

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin webmaster@localhost
    ServerName localhost
    ServerAlias localhost
    DocumentRoot /var/www/html/omeka/

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

    #   SSL Engine Switch:
    #   Enable/Disable SSL for this virtual host.
    #啟動SSL
    SSLEngine On

    #   A self-signed (snakeoil) certificate can be created by installing
    #   the ssl-cert package. See
    #   /usr/share/doc/apache2/README.Debian.gz for more info.
    #   If both key and certificate are stored in the same file, only the
    #   SSLCertificateFile directive is needed.

    #這邊放pem與key
    SSLCertificateFile     /etc/ssl/certs/ssl-cert-snakeoil.pem
    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

    #記得要設定訪問的資料夾位置與權限
    <Directory 你的網站資料夾位置>
            Options FollowSymLinks
            AllowOverride All
    </Directory>
            ErrorLog /var/log/apache2/omeka-error_log
            CustomLog /var/log/apache2/omeka-access_log common
    <IfModule mod_headers.c>
    <filesmatch "\.(html)$">
            Header set Cache-Control "no-cache"
    </filesmatch>
    </IfModule>

</VirtualHost>
</IfModule>

OmekaS設定

然後要在OmekaS的資料夾中找到htaccess ,加入以下設定。

RewriteEngine On
# Always redirect to https.
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]