问题
I'm trying to dynamically read the location of the SSL certificates depending on which url was used to connect to my server. I have attempted a few different ways but none seem to work. Currently I have the config as noted below
UseCanonicalName Off
listen 443
<VirtualHost *:443>
ServerName example
ServerAlias *
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/%0/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/%0/privkey.pem
VirtualDocumentRoot /var/www/vhosts/%-2/%-3+/public
</VirtualHost>
The problem here is that when I start apache I get an error saying it can't find the file location for the ssl certificate stating '/etc/letsencrypt/live/%0/cert.pem'
So it seems the %0 is not being replaced by the url.
Edit: When I replace only %0 by the url manually then said url has working SSL
回答1:
From the documentation:
The variable %0 references the requested servername, as indicated in the Host: header.
The Host header is part of the HTTP request. The HTTP request is only available after the successful TLS handshake. The certificate is needed for this handshake. Thus, %0 can not be used to specify the path to the certificate.
I doubt that any other variables will be possible for this purpose since the certificates are loaded at startup and thus the file names have to be available already at start.
来源:https://stackoverflow.com/questions/41635535/non-wildcard-certificates-with-dynamic-apache-vhosts