我是Apache服务器的新手,我正在Mac(Mojave)上设置apache来进行一些本地Web开发。我已经设置了虚拟主机,可以导航到设置的站点测试页面,但是会收到一条警告,指出连接不安全。我已经完成了一些教程,并对httpd.config和httpd-ssl.config进行了更改
我怀疑该问题也可能与我自己生成的SSL证书有关。
错误日志:
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using Michaels-MacBook-Pro.local. Set the 'ServerName' directive globally to suppress this message
[Wed Nov 27 16:05:39.392449 2019] [ssl:warn] [pid 9207] AH01906: membersplash.mmdev:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Wed Nov 27 16:05:39.392512 2019] [ssl:warn] [pid 9207] AH01909: membersplash.mmdev:443:0 server certificate does NOT include an ID which matches the server name
[Wed Nov 27 16:05:39.394733 2019] [mpm_prefork:notice] [pid 9207] AH00163: Apache/2.4.34 (Unix) PHP/7.1.23 LibreSSL/2.5.5 configured -- resuming normal operations
[Wed Nov 27 16:05:39.394797 2019] [core:notice] [pid 9207] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
Httpd.config
<VirtualHost *:443>
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
DocumentRoot /Users/USERNAME/Sites/WordPress/public/install/wordpress
ServerName membersplash.mmdev
ServerAlias www.membersplash.mmdev
SSLCertificateFile "/etc/apache2/ssl/rootCA.pem"
SSLCertificateKeyFile "/etc/apache2/ssl/rootCA-key.pem"
</VirtualHost>
<VirtualHost *:80>
DocumentRoot /Users/USERNAME/Sites/WordPress/public/install/wordpress
ServerName membersplash.mmdev
ServerAlias www.membersplash.mmdev
<VirtualHost
您可以单击高级,然后使用Chrome浏览器访问该网站,但是安全警告不会消失。这与不可信机构(您)签署的证书有关
您可以通过对钥匙链和浏览器设置进行更新来完成全部步骤,但是,还有更好的方法。
签出这个叫做mkcert的非常酷的工具:https://blog.filippo.io/mkcert-valid-https-certificates-for-localhost/
关于它们如何解决问题的说明:
Here's the twist: it doesn't generate self-signed certificates, but certificates signed by your own private CA, which your machine is automatically configured to trust when you run mkcert -install. So when your browser loads a certificate generated by your instance of mkcert, it will show up with a green lock!如果您想手动完成本文,可能会有所帮助:https://www.robpeck.com/2010/10/google-chrome-mac-os-x-and-self-signed-ssl-certificates/