1 LoadModule ssl_module /usr/lib/apache/libssl.so
3 ##--------------------------------------------------------------------------
4 ## Add additional SSL configuration directives which provide a
5 ## robust default configuration: virtual server on port 443
7 ##--------------------------------------------------------------------------
11 ## When we also provide SSL we have to listen to the
12 ## standard HTTP port (see above) and to the HTTPS port
19 ## All SSL configuration in this context applies both to
20 ## the main server and all SSL-enabled virtual hosts.
24 # Some MIME-types for downloading Certificates and CRLs
26 AddType application/x-x509-ca-cert .crt
27 AddType application/x-pkcs7-crl .crl
30 # Configure the pass phrase gathering process.
31 # The filtering dialog program (`builtin' is a internal
32 # terminal dialog) has to provide the pass phrase on stdout.
33 SSLPassPhraseDialog builtin
35 # Inter-Process Session Cache:
36 # Configure the SSL Session Cache: First either `none'
37 # or `dbm:/path/to/file' for the mechanism to use and
38 # second the expiring timeout (in seconds).
40 #SSLSessionCache dbm:logs/ssl_scache
41 SSLSessionCache shm:logs/ssl_scache(512000)
42 SSLSessionCacheTimeout 300
45 # Configure the path to the mutual explusion semaphore the
46 # SSL engine uses internally for inter-process synchronization.
47 SSLMutex file:logs/ssl_mutex
49 # Pseudo Random Number Generator (PRNG):
50 # Configure one or more sources to seed the PRNG of the
51 # SSL library. The seed data should be of good random quality.
52 SSLRandomSeed startup builtin
53 SSLRandomSeed connect builtin
54 #SSLRandomSeed startup file:/dev/random 512
55 #SSLRandomSeed startup file:/dev/urandom 512
56 #SSLRandomSeed connect file:/dev/random 512
57 #SSLRandomSeed connect file:/dev/urandom 512
60 # The home of the dedicated SSL protocol logfile. Errors are
61 # additionally duplicated in the general error log file. Put
62 # this somewhere where it cannot be used for symlink attacks on
63 # a real server (i.e. somewhere where only root can write).
64 # Log levels are (ascending order: higher ones include lower ones):
65 # none, error, warn, info, trace, debug.
66 SSLLog logs/ssl_engine_log