内容纲要
1.进入blog容器
docker exec -it blog bash
2.运行a2enmod ssl 确认是否开启ssl支持
root@bd1326a44476:/etc# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Module socache_shmcb already enabled
Module ssl already enabled
3.上传证书到 /etc/apache2/ssl
mkdir -p /etc/apache2/ssl
root@bd1326a44476:/etc/apache2/ssl# ls
ca.crt www.wenjiangun.com.crt www.wenjiangun.com.key
4.复制apache ssl文件并配置
root@bd1326a44476:/etc/apache2/ssl# cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/default-ssl.conf
root@bd1326a44476:/etc/apache2/ssl# vim /etc/apache2/sites-enabled/default-ssl.conf
ServerName www.wenjiangun.com
SSLEngine on
SSLCertificateFile /etc/www.wenjiangun.com.crt
SSLCertificateKeyFile /etc/www.wenjiangun.com.key
SSLCertificateChainFile /etc/ca.crt
5. 检查/etc/apache2/sites-enabled目录下是否存在default-ssl.conf,
检查/etc/apache2/mods-enabled目录下是否存在ssl.conf、ssl.load
6.http强制跳转https
root@bd1326a44476:/etc/apache2/ssl# vim /etc/apache2/sites-available/000-default.conf
在DocumentRoot下面加上代码
<Directory "/var/www/html">
RewriteEngine on
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) [https://%](https://%25/){SERVER_NAME}/$1 [R,L]
</Directory>
7 .重启apache
root@bd1326a44476:/etc/apache2/ssl# service apache2 restart
8.安装插件 Really Simple SSL