* ApacheでSSL(SNI)設定 [#f8b67c5d] #contents -- 関連 --- [[Apacheインストール>Apacheインストール]] --- [[ApacheとRailsをmod_proxyで連携する]] ** httpd.conf 等の編集 [#j41b7a8e] #mycode2(){{ LoadModule ssl_module path_to/mod_ssl.so Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLPassPhraseDialog builtin SSLSessionCache "shmcb:/path_to/ssl_scache(512000)" SSLSessionCacheTimeout 300 SSLMutex default SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin SSLCryptoDevice builtin NameVirtualHost *:443 # SNIに未対応のブラウザ用にoffにしておく SSLStrictSNIVHostCheck off <VirtualHost *:443> DocumentRoot "/var/www/hoge.com" ServerName hoge.com SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /path_to_certs/hoge.crt SSLCertificateKeyFile /path_to_certs/hoge.key . . </VirtualHost> <VirtualHost *:443> DocumentRoot "/var/www/fuga.com" ServerName fuga.com SSLEngine on SSLProtocol all -SSLv2 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW SSLCertificateFile /path_to_certs/fuga.crt SSLCertificateKeyFile /path_to_certs/fuga.key . . </VirtualHost> }} うまく動かない時は apachectl configtest で誤りがないかチェック #myterm2(){{ apachectl configtest }}