У меня есть 3 виртуальных хоста, которые я настраиваю в apache httpd.conf:
<VirtualHost *:80>
ServerName www.example.com
DocumentRoot /ec2-user/myproject
RewriteEngine on
RewriteCond %{HTTP_HOST} =www.example.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
<VirtualHost *:80>
ServerName domain2.example.com
DocumentRoot /ec2-user/myproject
RewriteEngine on
RewriteCond %{HTTP_HOST} =domain2.example.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
<VirtualHost *:80>
ServerName domain3.example.com
DocumentRoot /ec2-user/myproject
RewriteEngine on
RewriteCond %{HTTP_HOST} =domain3.example.com
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
</VirtualHost>
Как видите, я пытаюсь перенаправить каждый виртуальный хост на HTTPS. В ssl.conf моя конфигурация выглядит так:
SSL.Conf виртуальный хост 1
# General setup for the virtual host, inherited from global configuration
WSGIDaemonProcess www.example.com processes=1 threads=30 display-name=%{GROUP}
WSGIProcessGroup %{GLOBAL}
ServerName www.example.com
DocumentRoot /ec2-user/myproject
WSGIScriptAlias / /ec2-user/myproject/prod_wsgi.py
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
# SSL Engine Switch:
SSLEngine on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLHonorCipherOrder on
# SSL Engine Options:
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
# Per-Server Logging:
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mydomain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain/privkey.pem
</VirtualHost>
SSL.Conf виртуальный хост 2
<VirtualHost *:443>
# General setup for the virtual host, inherited from global configuration
WSGIDaemonProcess domain2.example.com processes=1 threads=30 display-name=%{GROUP}
WSGIProcessGroup %{GLOBAL}
ServerName domain2.example.com
DocumentRoot /ec2-user/myproject
WSGIScriptAlias / /ec2-user/myproject/domain2_wsgi.py
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
# SSL Engine Switch:
SSLEngine on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLHonorCipherOrder on
# SSL Engine Options:
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
# Per-Server Logging:
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mydomain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain/privkey.pem
</VirtualHost>
SSL.Conf виртуальный хост 3
# General setup for the virtual host, inherited from global configuration
WSGIDaemonProcess domain3.example.com processes=1 threads=30 display-name=%{GROUP}
WSGIProcessGroup %{GLOBAL}
ServerName domain3.example.com
DocumentRoot /ec2-user/myproject
WSGIScriptAlias / /ec2-user/myproject/domain3_wsgi.py
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
# SSL Engine Switch:
SSLEngine on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLHonorCipherOrder on
# SSL Engine Options:
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
# Per-Server Logging:
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/mydomain/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mydomain/privkey.pem
</VirtualHost>
Проблема в том, что весь трафик перенаправляется на https://www.example.com URL. Я хочу, чтобы каждый URL-адрес http пересылался на соответствующий URL-адрес https. Когда я перехожу на domain1.mydomain.com, он переходит на www.mydomain.com. Я бы хотел, чтобы все работали следующим образом:
> http://www.example.com to https://www.example.com
> http://domain1.example.com to https://domain1.example.com
> http://domain2.example.com to https://domain2.example.com
> http://example.com to https://www.example.com