ich habe eine Subdomain eingerichtet und es läuft -
Code: Select all
Server version: Apache/2.4.10 (Debian)
Server built: Jan 3 2016 03:50:53
Code: Select all
<VirtualHost *:80>
ServerName subdomain.domain.de
ServerAdmin sebastian@domain.de
DocumentRoot /var/www/ft/htdocs
SuexecUserGroup ft ft
<Directory /var/www/ft/htdocs/>
FCGIWrapper /var/www/ft/conf_ft .php
<FilesMatch \.php$>
SetHandler fcgid-script
</FilesMatch>
Options +ExecCGI
Require all granted
</Directory>
ErrorLog /var/log/apache2/ft_error.log
LogLevel warn
CustomLog /var/log/apache2/ft_access.log combined
</VirtualHost>
Ich habe über Startssl ein Zertifikat besorgt und habe die ft.conf erweitert - die sieht jetzt so aus:
Code: Select all
<VirtualHost *:80>
ServerName subdomain.domain.de
ServerAdmin sebastian@domain.de
DocumentRoot /var/www/ft/htdocs
SuexecUserGroup ft ft
<Directory /var/www/ft/htdocs/>
FCGIWrapper /var/www/ft/conf_ft .php
<FilesMatch \.php$>
SetHandler fcgid-script
</FilesMatch>
Options +ExecCGI
Require all granted
# AllowOverride all
</Directory>
ErrorLog /var/log/apache2/ft_error.log
LogLevel warn
CustomLog /var/log/apache2/ft_access.log combined
</VirtualHost>
<VirtualHost *:443>
ServerName subdomain.domain.de
ServerAdmin sebastian@domain.de
DocumentRoot /var/www/ft/htdocs
SuexecUserGroup ft ft
<Directory /var/www/ft/htdocs/>
FCGIWrapper /var/www/ft/conf_ft .php
<FilesMatch \.php$>
SetHandler fcgid-script
</FilesMatch>
Options +ExecCGI
AllowOverride all
Require all granted
</Directory>
ErrorLog /var/log/apache2/ft_ssl_error.log
LogLevel warn
CustomLog /var/log/apache2/ft_ssl_access.log combined
SSLEngine on
# SSLProtocol all -SSLv2
# SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLProtocol all -SSLv2 -SSLv3
SSLCompression Off
SSLHonorCipherOrder on
SSLCipherSuite 'ECDH+AESGCM EDH+AESGCM!aNULL !eNULL !EXPORT !LOW !MEDIUM !DES !3DES !RC4 !SEED !CAMELLIA !MD5 !PSK !DSS'
# SSLCipherSuite 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'
SSLCertificateFile /etc/ssl/certs/ft.de.pem
SSLCertificateKeyFile /etc/ssl/private/ft.de.key
# SSLCertificateFile /etc/ssl/certs/ft.de.crt
# SSLCertificateKeyFile /etc/ssl/private/ft.de.key
SSLCertificateChainFile /etc/ssl/certs/sub.class1.server.ca.pem
SSLCACertificateFile /etc/ssl/certs/ca.pem
CustomLog /var/log/apache2/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Im Error-Log & im Access-Log steht nichts.
Sowohl bei http:// und bei https:// sagt Firefox: "Fehler: Verbindung fehlgeschlagen"
Ich bin nun etwas ratlos :-/
Witzigerweise habe ich diese Konfiguration von einem anderen Virtual-Host kopiert - da gehts problemlos.
gruß
Sebastian