Certificat SSL Let’s Encrypt
Bonjour,
j'ai suivie un tuto pour installer un certificat SSL de Let’s Encrypt sur debian 9 apache2
https://www.memoinfo.fr/tutoriels-li...#comment-33374
j'utilise Prestashop, dans l'admin et dans l'url je vois bien la sécurité et en vert donc bon, mais dans l'index du site il y a bien le https mais pas sécurisé d'apres les navigateurs
https://www.pample.fr/
j'ai fait les testes sur google chrome et opera
pample.conf
Code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
| <VirtualHost *:80>
ServerName pample.fr
ServerAlias www.pample.fr
LogLevel warn
#Définition de la racine des sources php
DocumentRoot "/var/www/pample"
<directory /var/www/pample/>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</directory>
ErrorLog /var/www/pample/pample.txt
CustomLog /var/www/pample/pample.txt combined
RewriteEngine on
RewriteCond %{HTTPS} !on
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
ServerName pample.fr
ServerAlias www.pample.fr
DocumentRoot "/var/www/pample"
<Directory /var/www/pample/>
Options -Indexes
AllowOverride all
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.pample.fr/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.pample.fr/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.pample.fr/chain.pem
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCompression off
SSLOptions +StrictRequire
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
#Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
LogLevel warn
ErrorLog /var/www/pample/www.pample.fr-error.log
CustomLog /var/www/pample/www.pample.fr-access.log combined
</VirtualHost> |
pample-le-ssl.conf
Code:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
| <IfModule mod_ssl.c>
<VirtualHost *:443>
#on accepte aussi le www
ServerName pample.fr
ServerAlias www.pample.fr
#Définition de la racine des sources php
DocumentRoot "/var/www/pample"
<directory /var/www/pample/>
Options -Indexes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
</directory>
ErrorLog /var/www/pample/pample.txt
CustomLog /var/www/pample/pample.txt combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
SSLCertificateFile /etc/letsencrypt/live/www.pample.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.pample.fr/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule> |
