質問編集履歴

4

編集事項を追記

2016/05/20 07:23

投稿

hidepon
hidepon

スコア206

test CHANGED
File without changes
test CHANGED
@@ -55,3 +55,43 @@
55
55
  初めて作業するのでよくわかっていません
56
56
 
57
57
  宜しくお願いいたします。
58
+
59
+
60
+
61
+ ssl.conf の編集部分
62
+
63
+ Virtual Hostの部分に
64
+
65
+ DocumentRoot "/var/www/html"
66
+
67
+ ServerName www.hogehoge.com
68
+
69
+
70
+
71
+ SSLCertificateFile パス/file名
72
+
73
+ SSLCertificateKeyFile パス/file名
74
+
75
+ SSLCertificateChainFile パス/file名
76
+
77
+
78
+
79
+ を追記しました。
80
+
81
+ これでサーバを再起動したら
82
+
83
+ http://hogehoge.com/
84
+
85
+ で表示されますが、
86
+
87
+ https://hogehoge.com/
88
+
89
+ が表示されません。
90
+
91
+ httpd.confは編集していません。
92
+
93
+
94
+
95
+ どこがおかしいのでしょうか?
96
+
97
+ 宜しくお願いいたしあす

3

ssl\.conf 削除

2016/05/20 07:23

投稿

hidepon
hidepon

スコア206

test CHANGED
File without changes
test CHANGED
@@ -55,177 +55,3 @@
55
55
  初めて作業するのでよくわかっていません
56
56
 
57
57
  宜しくお願いいたします。
58
-
59
-
60
-
61
-
62
-
63
- ssl.confの内容です(不要な行を削除しています)
64
-
65
-
66
-
67
- ``
68
-
69
- LoadModule ssl_module modules/mod_ssl.so
70
-
71
- Listen 443
72
-
73
- ## SSL Global Context
74
-
75
- # Pass Phrase Dialog:
76
-
77
- SSLPassPhraseDialog builtin
78
-
79
- # Inter-Process Session Cache:
80
-
81
- SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
82
-
83
- SSLSessionCacheTimeout 300
84
-
85
- # Semaphore:
86
-
87
- SSLMutex default
88
-
89
- # Pseudo Random Number Generator (PRNG):
90
-
91
- SSLRandomSeed startup file:/dev/urandom 256
92
-
93
- SSLRandomSeed connect builtin
94
-
95
- #SSLRandomSeed startup file:/dev/random 512
96
-
97
- #SSLRandomSeed connect file:/dev/random 512
98
-
99
- #SSLRandomSeed connect file:/dev/urandom 512
100
-
101
- SSLEngine on
102
-
103
- SSLCryptoDevice builtin
104
-
105
- #SSLCryptoDevice ubsec
106
-
107
- ##
108
-
109
- ## SSL Virtual Host Context
110
-
111
- <VirtualHost _default_:443>
112
-
113
- # General setup for the virtual host, inherited from global configuration
114
-
115
- #DocumentRoot "/var/www/html"
116
-
117
- #ServerName www.example.com:443
118
-
119
- DocumentRoot "/var/www/html"
120
-
121
- ServerName hogehoge.com:443
122
-
123
-
124
-
125
- # Use separate log files for the SSL virtual host; note that LogLevel
126
-
127
- # is not inherited from httpd.conf.
128
-
129
- ErrorLog logs/ssl_error_log
130
-
131
- TransferLog logs/ssl_access_log
132
-
133
- LogLevel warn
134
-
135
- # SSL Engine Switch:
136
-
137
- # Enable/Disable SSL for this virtual host.
138
-
139
- SSLEngine on
140
-
141
- # SSL Protocol support:
142
-
143
- # List the enable protocol levels with which clients will be able to
144
-
145
- # connect. Disable SSLv2 access by default:
146
-
147
- SSLProtocol all -SSLv2 -SSLv3
148
-
149
- # SSL Cipher Suite:
150
-
151
- # List the ciphers that the client is permitted to negotiate.
152
-
153
- # See the mod_ssl documentation for a complete list.
154
-
155
- SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!LOW
156
-
157
- # Server Certificate:
158
-
159
- #SSLCertificateFile /etc/pki/tls/certs/localhost.crt
160
-
161
- SSLCertificateFile /etc/httpd/conf/ssl.crt/hogehoge_com.crt
162
-
163
-
164
-
165
- # Server Private Key:
166
-
167
- #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
168
-
169
- SSLCertificateKeyFile /etc/httpd/conf/ssl.key/hogehoge20160519.pem
170
-
171
-
172
-
173
- # Server Certificate Chain:
174
-
175
- #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
176
-
177
- # Certificate Authority (CA):
178
-
179
- #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
180
-
181
- # Client Authentication (Type):
182
-
183
- #SSLVerifyClient require
184
-
185
- #SSLVerifyDepth 10
186
-
187
- # Access Control:
188
-
189
- #<Location />
190
-
191
- #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
192
-
193
- # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
194
-
195
- # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
196
-
197
- # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
198
-
199
- # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
200
-
201
- # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
202
-
203
- #</Location>
204
-
205
- #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
206
-
207
- <Files ~ "\.(cgi|shtml|phtml|php3?)$">
208
-
209
- SSLOptions +StdEnvVars
210
-
211
- </Files>
212
-
213
- <Directory "/var/www/cgi-bin">
214
-
215
- SSLOptions +StdEnvVars
216
-
217
- </Directory>
218
-
219
- SetEnvIf User-Agent ".*MSIE.*" \
220
-
221
- nokeepalive ssl-unclean-shutdown \
222
-
223
- downgrade-1.0 force-response-1.0
224
-
225
- CustomLog logs/ssl_request_log \
226
-
227
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
228
-
229
- </VirtualHost>
230
-
231
- ```

2

書式変更

2016/05/20 07:14

投稿

hidepon
hidepon

スコア206

test CHANGED
File without changes
test CHANGED
@@ -60,9 +60,11 @@
60
60
 
61
61
 
62
62
 
63
- ssl.confの内容です(不要な行を削除)
63
+ ssl.confの内容です(不要な行を削除しています
64
+
65
+
66
+
64
-
67
+ ``
65
-
66
68
 
67
69
  LoadModule ssl_module modules/mod_ssl.so
68
70
 
@@ -96,71 +98,77 @@
96
98
 
97
99
  #SSLRandomSeed connect file:/dev/urandom 512
98
100
 
101
+ SSLEngine on
102
+
103
+ SSLCryptoDevice builtin
104
+
105
+ #SSLCryptoDevice ubsec
106
+
107
+ ##
108
+
109
+ ## SSL Virtual Host Context
110
+
111
+ <VirtualHost _default_:443>
112
+
113
+ # General setup for the virtual host, inherited from global configuration
114
+
115
+ #DocumentRoot "/var/www/html"
116
+
117
+ #ServerName www.example.com:443
118
+
99
119
  DocumentRoot "/var/www/html"
100
120
 
101
121
  ServerName hogehoge.com:443
102
122
 
123
+
124
+
125
+ # Use separate log files for the SSL virtual host; note that LogLevel
126
+
127
+ # is not inherited from httpd.conf.
128
+
129
+ ErrorLog logs/ssl_error_log
130
+
131
+ TransferLog logs/ssl_access_log
132
+
133
+ LogLevel warn
134
+
135
+ # SSL Engine Switch:
136
+
137
+ # Enable/Disable SSL for this virtual host.
138
+
103
139
  SSLEngine on
104
140
 
141
+ # SSL Protocol support:
142
+
143
+ # List the enable protocol levels with which clients will be able to
144
+
145
+ # connect. Disable SSLv2 access by default:
146
+
147
+ SSLProtocol all -SSLv2 -SSLv3
148
+
149
+ # SSL Cipher Suite:
150
+
151
+ # List the ciphers that the client is permitted to negotiate.
152
+
153
+ # See the mod_ssl documentation for a complete list.
154
+
155
+ SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!LOW
156
+
157
+ # Server Certificate:
158
+
159
+ #SSLCertificateFile /etc/pki/tls/certs/localhost.crt
160
+
105
161
  SSLCertificateFile /etc/httpd/conf/ssl.crt/hogehoge_com.crt
106
162
 
163
+
164
+
165
+ # Server Private Key:
166
+
167
+ #SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
168
+
107
169
  SSLCertificateKeyFile /etc/httpd/conf/ssl.key/hogehoge20160519.pem
108
170
 
109
- SSLCryptoDevice builtin
171
+
110
-
111
- #SSLCryptoDevice ubsec
112
-
113
- ##
114
-
115
- ## SSL Virtual Host Context
116
-
117
- <VirtualHost _default_:443>
118
-
119
- # General setup for the virtual host, inherited from global configuration
120
-
121
- #DocumentRoot "/var/www/html"
122
-
123
- #ServerName www.example.com:443
124
-
125
- # Use separate log files for the SSL virtual host; note that LogLevel
126
-
127
- # is not inherited from httpd.conf.
128
-
129
- ErrorLog logs/ssl_error_log
130
-
131
- TransferLog logs/ssl_access_log
132
-
133
- LogLevel warn
134
-
135
- # SSL Engine Switch:
136
-
137
- # Enable/Disable SSL for this virtual host.
138
-
139
- SSLEngine on
140
-
141
- # SSL Protocol support:
142
-
143
- # List the enable protocol levels with which clients will be able to
144
-
145
- # connect. Disable SSLv2 access by default:
146
-
147
- SSLProtocol all -SSLv2 -SSLv3
148
-
149
- # SSL Cipher Suite:
150
-
151
- # List the ciphers that the client is permitted to negotiate.
152
-
153
- # See the mod_ssl documentation for a complete list.
154
-
155
- SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!LOW
156
-
157
- # Server Certificate:
158
-
159
- SSLCertificateFile /etc/pki/tls/certs/localhost.crt
160
-
161
- # Server Private Key:
162
-
163
- SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
164
172
 
165
173
  # Server Certificate Chain:
166
174
 
@@ -219,3 +227,5 @@
219
227
  "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
220
228
 
221
229
  </VirtualHost>
230
+
231
+ ```

1

confファイルの追記

2016/05/20 03:41

投稿

hidepon
hidepon

スコア206

test CHANGED
File without changes
test CHANGED
@@ -55,3 +55,167 @@
55
55
  初めて作業するのでよくわかっていません
56
56
 
57
57
  宜しくお願いいたします。
58
+
59
+
60
+
61
+
62
+
63
+ ssl.confの内容です(不要な行を削除)
64
+
65
+
66
+
67
+ LoadModule ssl_module modules/mod_ssl.so
68
+
69
+ Listen 443
70
+
71
+ ## SSL Global Context
72
+
73
+ # Pass Phrase Dialog:
74
+
75
+ SSLPassPhraseDialog builtin
76
+
77
+ # Inter-Process Session Cache:
78
+
79
+ SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
80
+
81
+ SSLSessionCacheTimeout 300
82
+
83
+ # Semaphore:
84
+
85
+ SSLMutex default
86
+
87
+ # Pseudo Random Number Generator (PRNG):
88
+
89
+ SSLRandomSeed startup file:/dev/urandom 256
90
+
91
+ SSLRandomSeed connect builtin
92
+
93
+ #SSLRandomSeed startup file:/dev/random 512
94
+
95
+ #SSLRandomSeed connect file:/dev/random 512
96
+
97
+ #SSLRandomSeed connect file:/dev/urandom 512
98
+
99
+ DocumentRoot "/var/www/html"
100
+
101
+ ServerName hogehoge.com:443
102
+
103
+ SSLEngine on
104
+
105
+ SSLCertificateFile /etc/httpd/conf/ssl.crt/hogehoge_com.crt
106
+
107
+ SSLCertificateKeyFile /etc/httpd/conf/ssl.key/hogehoge20160519.pem
108
+
109
+ SSLCryptoDevice builtin
110
+
111
+ #SSLCryptoDevice ubsec
112
+
113
+ ##
114
+
115
+ ## SSL Virtual Host Context
116
+
117
+ <VirtualHost _default_:443>
118
+
119
+ # General setup for the virtual host, inherited from global configuration
120
+
121
+ #DocumentRoot "/var/www/html"
122
+
123
+ #ServerName www.example.com:443
124
+
125
+ # Use separate log files for the SSL virtual host; note that LogLevel
126
+
127
+ # is not inherited from httpd.conf.
128
+
129
+ ErrorLog logs/ssl_error_log
130
+
131
+ TransferLog logs/ssl_access_log
132
+
133
+ LogLevel warn
134
+
135
+ # SSL Engine Switch:
136
+
137
+ # Enable/Disable SSL for this virtual host.
138
+
139
+ SSLEngine on
140
+
141
+ # SSL Protocol support:
142
+
143
+ # List the enable protocol levels with which clients will be able to
144
+
145
+ # connect. Disable SSLv2 access by default:
146
+
147
+ SSLProtocol all -SSLv2 -SSLv3
148
+
149
+ # SSL Cipher Suite:
150
+
151
+ # List the ciphers that the client is permitted to negotiate.
152
+
153
+ # See the mod_ssl documentation for a complete list.
154
+
155
+ SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:!LOW
156
+
157
+ # Server Certificate:
158
+
159
+ SSLCertificateFile /etc/pki/tls/certs/localhost.crt
160
+
161
+ # Server Private Key:
162
+
163
+ SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
164
+
165
+ # Server Certificate Chain:
166
+
167
+ #SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
168
+
169
+ # Certificate Authority (CA):
170
+
171
+ #SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
172
+
173
+ # Client Authentication (Type):
174
+
175
+ #SSLVerifyClient require
176
+
177
+ #SSLVerifyDepth 10
178
+
179
+ # Access Control:
180
+
181
+ #<Location />
182
+
183
+ #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
184
+
185
+ # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
186
+
187
+ # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
188
+
189
+ # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
190
+
191
+ # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
192
+
193
+ # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
194
+
195
+ #</Location>
196
+
197
+ #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
198
+
199
+ <Files ~ "\.(cgi|shtml|phtml|php3?)$">
200
+
201
+ SSLOptions +StdEnvVars
202
+
203
+ </Files>
204
+
205
+ <Directory "/var/www/cgi-bin">
206
+
207
+ SSLOptions +StdEnvVars
208
+
209
+ </Directory>
210
+
211
+ SetEnvIf User-Agent ".*MSIE.*" \
212
+
213
+ nokeepalive ssl-unclean-shutdown \
214
+
215
+ downgrade-1.0 force-response-1.0
216
+
217
+ CustomLog logs/ssl_request_log \
218
+
219
+ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
220
+
221
+ </VirtualHost>