开发者

OSX Local SSL not Respected?

开发者 https://www.devze.com 2023-03-12 04:57 出处:网络
I\'m clearly missing something, probably something obvious, but I\'m just not seeing it. I have a self-signed certificate configured on my MBP (running Apache via Macports). It\'s a wildcard cert for

I'm clearly missing something, probably something obvious, but I'm just not seeing it. I have a self-signed certificate configured on my MBP (running Apache via Macports). It's a wildcard cert for *.local and I've configured a named virtual host for a site I'm working on, but when I attempt to access it via https, PHP's $_SERVER variables indicate that the SSL access isn't been recognized/respected. Even though I'm accessing https://mynamedhost.local开发者_Python百科, the PORT key reports port 80 and no HTTPS key exists.

This is a CakePHP site, so the lack of an HTTPS key prevents RequestHandler::isSSL() from reporting true. Any insights would be much appreciated.

Here's my httpd settings output:

$ httpd -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443                  is a NameVirtualHost
     default server www.example.com (/opt/local/apache2/conf/extra/httpd-ssl.conf:74)
     port 443 namevhost www.example.com (/opt/local/apache2/conf/extra/httpd-ssl.conf:74)
     port 443 namevhost mynamedhost.local (/Users/rob/Library/Application Support/MacPorts/apache/conf.d/mynamedhost.conf:17)
*:80                   is a NameVirtualHost
     default server localhost (/Users/rob/Dropbox/Application Support/apache/conf.d.osx/_localhost.conf:1)
     port 80 namevhost localhost (/Users/rob/Dropbox/Application Support/apache/conf.d.osx/_localhost.conf:1)
     port 80 namevhost mynamedhost.local (/Users/rob/Library/Application Support/MacPorts/apache/conf.d/mynamedhost.conf:1)
Syntax OK

My namedhost virtual host definition looks like this:

<VirtualHost *:80>
  ServerName   mynamedhost.local
  DocumentRoot /var/www/mynamedhost/app/webroot

  ErrorLog     /var/www/.logs/mynamedhost_error_log
  CustomLog    /var/www/.logs/mynamedhost_access_log common

  <Directory /var/www/mynamedhost/app/webroot>
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    Allow from all
  </Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerName    namedhost.local
  DocumentRoot  /var/www/mynamedhost/app/webroot

  ErrorLog     /var/www/.logs/mynamedhost_error_log
  CustomLog    /var/www/.logs/mynamedhost_access_log common

  <Directory /var/www/mynamedhost/app/webroot>
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    Allow from all
  </Directory>
</VirtualHost>


Got it. In the Macports extras/httpd-ssl.conf file, the SSL engine was turned on and the certificate files defined. I thought this would trickle down to custom virtual hosts, but I was wrong. On a lark, I decided to drop the following into the *:443 virtual host definition:

SSLEngine on
SSLCertificateFile "/opt/local/apache2/conf/server.crt"
SSLCertificateKeyFile "/opt/local/apache2/conf/server.key"

Now everything seems to work as expected. I still think I have something funky going on in my config, but this is going to have to be okay for now. For anyone playing at home, the modified virtual host config looks like this (the *:80 config as shown above didn't change):

<VirtualHost *:443>
  ServerName    mynamedhost.local
  DocumentRoot  /var/www/mynamedhost/app/webroot

  ErrorLog     /var/www/.logs/mynamedhost_error_log
  CustomLog    /var/www/.logs/mynamedhost_access_log common

  SSLEngine on
  SSLCertificateFile "/opt/local/apache2/conf/server.crt"
  SSLCertificateKeyFile "/opt/local/apache2/conf/server.key"

  <Directory /var/www/mynamedhost/app/webroot>
    Options FollowSymLinks Indexes
    AllowOverride All
    Order deny,allow
    Allow from all
  </Directory>
</VirtualHost>
0

精彩评论

暂无评论...
验证码 换一张
取 消