le résultat :
root@jeedom:/etc/apache2# netstat -natp | grep 443
tcp6 0 0 :::443 :::* LISTEN 15388/apache2
tcp6 0 0 192.168.10.32:80 192.168.10.11:54266 ESTABLISHED 15443/apache2
root@jeedom:/etc/apache2#
Où 10.32 est IP Jeedom et 10.11 mon Mac
le résultat :
root@jeedom:/etc/apache2# netstat -natp | grep 443
tcp6 0 0 :::443 :::* LISTEN 15388/apache2
tcp6 0 0 192.168.10.32:80 192.168.10.11:54266 ESTABLISHED 15443/apache2
root@jeedom:/etc/apache2#
Où 10.32 est IP Jeedom et 10.11 mon Mac
root@jeedom:/etc/apache2# apache2ctl -S
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ‹ ServerName › directive globally to suppress this message
VirtualHost configuration:
*:80 is a NameVirtualHost
default server 127.0.0.1 (/etc/apache2/sites-enabled/000-default-ssl.conf:1)
port 80 namevhost 127.0.0.1 (/etc/apache2/sites-enabled/000-default-ssl.conf:1)
port 80 namevhost 127.0.0.1 (/etc/apache2/sites-enabled/000-default.conf:1)
ServerRoot: « /etc/apache2 »
Main DocumentRoot: « /var/www/html »
Main ErrorLog: « /var/www/html/log/http.error »
Mutex watchdog-callback: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir=« /var/run/apache2/ » mechanism=default
Mutex mpm-accept: using_defaults
PidFile: « /var/run/apache2/apache2.pid »
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=« www-data » id=33
Group: name=« www-data » id=33
root@jeedom:/etc/apache2#
Et l’autre commande ?
Là le port 443 ecoute pas sur ton apache
C’est compliqué de debugger quand on sait pas ce que tu as fait où
Et si dig
est not found aussi,
host jeedom.home.toto.fr
Bonjour,
Le message d’erreur
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ‹ ServerName › directive globally to suppress this message
Provient très probablement de la définition du virtualhost. J’utilise *:443 et pas jeedom.toto.fr.
Non aucun probleme d’etre explicite dans le virtualhost
Dans ce cas, il faut ajouter une directive ServerName dans le vhost (pas obligatoire quand on en a qu’un mais c’est plus propre ;))
root@jeedom:/etc/apache2# host jeedom.home.toto.fr
-bash: host: command not found
Je remets * à la place de jeedom.home.toto.fr alors ?
apt install dnsutils -y
et tu auras les commandes dig et nslookup
Moi je te dirais bien de virer le vhost que tu as fait.
vi /etc/apache2/sites-available/001-Jeedom-ssl.conf
Tu mets ca dedans :
<IfModule mod_ssl.c>
<VirtualHost jeedom.home.toto.fr:443>
ServerName jeedom.home.toto.fr
ServerAdmin mon@email.com
DocumentRoot /var/www/html
DirectoryIndex index.php
<Directory /var/www/html>
Options -Indexes +FollowSymlinks
AllowOverride All
</Directory>
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/Jeedom/ssl-error.log
CustomLog ${APACHE_LOG_DIR}/Jeedom/ssl-access.log combined
SSLCertificateFile /etc/apache2/sslcert/toto.fr_ssl_certificate.cer
SSLCertificateKeyFile /etc/apache2/sslcert/_.toto.fr_private_key.key
Include /etc/apache2/options-ssl.conf
</VirtualHost>
</IfModule>
Créer le fichier /etc/apache2/options-ssl.conf et met ca dedans :
# Baseline setting to Include for SSL sites
SSLEngine on
# Intermediate configuration, tweak to your needs
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
# Add vhost name to log entries:
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" vhost_combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
#CustomLog /var/log/apache2/access.log vhost_combined
#LogLevel warn
#ErrorLog /var/log/apache2/error.log
# Always ensure Cookies have "Secure" set (JAH 2012/1)
#Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
Et lance ces commandes en nous donnant le retour
a2ensite 001-Jeedom-ssl.conf
apache2ctl configtest
apache2ctl restart
apache2ctl -S
J’ai mis * mais ça ne change rien.
Le résultat de la commande apt install dnsutils -y
root@jeedom:/etc/apache2# apt install dnsutils -y
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages were automatically installed and are no longer required:
libmemcached11 libmemcachedutil2 libmysqlclient18 libonig2 libpng12-0
libqdbm14 libvpx1 linux-image-3.14.29+ linux-image-arm64-odroid-c2
python-lockfile u-boot-tools
Use ‹ apt autoremove › to remove them.
The following additional packages will be installed:
bind9-host libbind9-140 libdns162 libgeoip1 libisc160 libisccc140
libisccfg140 liblwres141
Suggested packages:
rblcheck geoip-bin
Recommended packages:
geoip-database
The following NEW packages will be installed:
bind9-host dnsutils libbind9-140 libdns162 libgeoip1 libisc160 libisccc140
libisccfg140 liblwres141
0 upgraded, 9 newly installed, 0 to remove and 238 not upgraded.
Need to get 2,683 kB of archives.
After this operation, 7,007 kB of additional disk space will be used.
Get:1 Index of /debian stretch/main arm64 libgeoip1 arm64 1.6.9-4 [87.4 kB]
Get:2 http://security.debian.org stretch/updates/main arm64 libisc160 arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [358 kB]
Get:3 http://security.debian.org stretch/updates/main arm64 libdns162 arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [905 kB]
Get:4 http://security.debian.org stretch/updates/main arm64 libisccc140 arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [197 kB]
Get:5 http://security.debian.org stretch/updates/main arm64 libisccfg140 arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [218 kB]
Get:6 http://security.debian.org stretch/updates/main arm64 libbind9-140 arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [204 kB]
Get:7 http://security.debian.org stretch/updates/main arm64 liblwres141 arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [209 kB]
Get:8 http://security.debian.org stretch/updates/main arm64 bind9-host arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [228 kB]
Get:9 http://security.debian.org stretch/updates/main arm64 dnsutils arm64 1:9.10.3.dfsg.P4-12.3+deb9u9 [277 kB]
Fetched 2,683 kB in 0s (5,848 kB/s)
Selecting previously unselected package libgeoip1:arm64.
(Reading database … 56030 files and directories currently installed.)
Preparing to unpack …/0-libgeoip1_1.6.9-4_arm64.deb …
Unpacking libgeoip1:arm64 (1.6.9-4) …
Selecting previously unselected package libisc160:arm64.
Preparing to unpack …/1-libisc160_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking libisc160:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package libdns162:arm64.
Preparing to unpack …/2-libdns162_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking libdns162:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package libisccc140:arm64.
Preparing to unpack …/3-libisccc140_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking libisccc140:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package libisccfg140:arm64.
Preparing to unpack …/4-libisccfg140_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking libisccfg140:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package libbind9-140:arm64.
Preparing to unpack …/5-libbind9-140_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking libbind9-140:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package liblwres141:arm64.
Preparing to unpack …/6-liblwres141_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking liblwres141:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package bind9-host.
Preparing to unpack …/7-bind9-host_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking bind9-host (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Selecting previously unselected package dnsutils.
Preparing to unpack …/8-dnsutils_1%3a9.10.3.dfsg.P4-12.3+deb9u9_arm64.deb …
Unpacking dnsutils (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up libgeoip1:arm64 (1.6.9-4) …
Processing triggers for libc-bin (2.24-11+deb9u3) …
Setting up liblwres141:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Processing triggers for man-db (2.7.6.1-2) …
Setting up libisc160:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up libisccc140:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up libdns162:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up libisccfg140:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up libbind9-140:arm64 (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up bind9-host (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Setting up dnsutils (1:9.10.3.dfsg.P4-12.3+deb9u9) …
Processing triggers for libc-bin (2.24-11+deb9u3) …
root@jeedom:/etc/apache2#
Pour la commande nslookup qui fonctionne maintenant :
root@jeedom:/etc/apache2# nslookup jeedom.home.toto.fr
Server: 192.168.10.1
Address: 192.168.10.1#53Non-authoritative answer:
Name: jeedom.home.toto.fr
Address: 100.100.100.200root@jeedom:/etc/apache2#
Alors question conne mais toto.fr c’est ton domaine ?
L’IP 100.100.100.200 c’est surement pas ton ip publique. Alors du coup y’a un vrai souci là
Pas de question conne, merci beaucoup à vous pour vos soutiens.
Mon domaine est toto.fr
Le sous domaine pour la jeedom est jeedom.home.toto.fr
Si 100.100.100.200 c’est mon IP publique (je l’ai modifié bien sûr mais dans le Terminal c’est bien mon adresse IP)