X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=apache-mod_ssl-vhost.conf;h=795a3c33bcf1ba9c9e87992d74dd76959e5adab6;hb=a6c476d880b45eb465427add2b7bb125aab83899;hp=7c9f561446be3ef965e7142e0f51bc5bf9d982c2;hpb=d918c9251d3ba590b7a3a659be9c66b0d8c17b51;p=packages%2Fapache.git

diff --git a/apache-mod_ssl-vhost.conf b/apache-mod_ssl-vhost.conf
index 7c9f561..795a3c3 100644
--- a/apache-mod_ssl-vhost.conf
+++ b/apache-mod_ssl-vhost.conf
@@ -1,4 +1,5 @@
-LoadModule ssl_module        /usr/lib/apache/libssl.so 
+LoadModule ssl_module        lib/apache/libssl.so 
+AddModule mod_ssl.c
 
 ##--------------------------------------------------------------------------
 ## Add additional SSL configuration directives which provide a
@@ -38,13 +39,13 @@ SSLPassPhraseDialog  builtin
 #   second the expiring timeout (in seconds).
 #SSLSessionCache        none
 #SSLSessionCache         dbm:logs/ssl_scache
-SSLSessionCache        shm:logs/ssl_scache(512000)
+SSLSessionCache        shm:/var/run/ssl_scache(512000)
 SSLSessionCacheTimeout  300
 
 #   Semaphore:
 #   Configure the path to the mutual explusion semaphore the
 #   SSL engine uses internally for inter-process synchronization. 
-SSLMutex  file:logs/ssl_mutex
+SSLMutex  file:/var/run/ssl_mutex
 
 #   Pseudo Random Number Generator (PRNG):
 #   Configure one or more sources to seed the PRNG of the 
@@ -63,6 +64,31 @@ SSLRandomSeed connect builtin
 #   a real server (i.e. somewhere where only root can write).
 #   Log levels are (ascending order: higher ones include lower ones):
 #   none, error, warn, info, trace, debug.
-SSLLog      logs/ssl_engine_log
+SSLLog      /var/log/httpd/ssl_engine_log
 SSLLogLevel info
 
+<VirtualHost _default_:443>
+SSLEngine on
+#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+SSLCertificateFile /etc/httpd/server.crt
+SSLCertificateKeyFile /etc/httpd/server.key
+#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
+#SSLCACertificatePath /etc/httpd/conf/ssl.crt
+#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt
+#SSLCARevocationPath /etc/httpd/conf/ssl.crl
+#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl
+#SSLVerifyClient require
+#SSLVerifyDepth  10
+
+#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
+<Files ~ "\.(cgi|shtml)$">
+    SSLOptions +StdEnvVars
+</Files>
+<Directory "/home/httpd/html/cgi-bin">
+    SSLOptions +StdEnvVars
+</Directory>
+SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+CustomLog /var/log/httpd/ssl_request_log \
+          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>