ad95dbdf4eaf328478a803a6a47af81bfb731956
Linux/Apache.md
... | ... | @@ -212,11 +212,29 @@ SSLProtocol all -SSLv2 -SSLv3 |
212 | 212 | |
213 | 213 | - /etc/httpd/conf.d/ssl.conf (抜粋) |
214 | 214 | ``` |
215 | +Listen 443 https |
|
216 | +SSLEngine on |
|
215 | 217 | SSLCertificateFile /etc/letsencrypt/live/<ドメイン1>/cert.pem |
216 | 218 | SSLCertificateKeyFile /etc/letsencrypt/live/<ドメイン1>/privkey.pem |
217 | 219 | SSLCertificateChainFile /etc/letsencrypt/live/<ドメイン1>/chain.pem |
218 | 220 | ``` |
219 | 221 | |
222 | +- /etc/httpd/conf.d/VirtualHosts.conf (抜粋) |
|
223 | +バーチャルホスト毎に SSL 設定が必要。 |
|
224 | +``` |
|
225 | +<VirtualHost *:80 *:443> |
|
226 | + ServerName vh1.<ドメイン1> |
|
227 | + DocumentRoot /var/www/vh1-html/ |
|
228 | + SSLEngine on |
|
229 | + SSLCertificateFile /etc/letsencrypt/live/<ドメイン1>/cert.pem |
|
230 | + SSLCertificateKeyFile /etc/letsencrypt/live/<ドメイン1>/privkey.pem |
|
231 | + SSLCertificateChainFile /etc/letsencrypt/live/<ドメイン1>/chain.pem |
|
232 | + <Directory "/var/www/vh1-html"> |
|
233 | + AllowOverride All |
|
234 | + </Directory> |
|
235 | +</VirtualHost> |
|
236 | +``` |
|
237 | + |
|
220 | 238 | - 自動更新スクリプト /etc/cron.monthly/certbot.sh |
221 | 239 | ```bash |
222 | 240 | #!/bin/bash |