-LoadModule ssl_module lib/apache/libssl.so
-AddModule mod_ssl.c
-
-##--------------------------------------------------------------------------
-## Add additional SSL configuration directives which provide a
-## robust default configuration: virtual server on port 443
-## which speaks SSL.
-##--------------------------------------------------------------------------
-##
-## SSL Support
-##
-## When we also provide SSL we have to listen to the
-## standard HTTP port (see above) and to the HTTPS port
-##
-Listen 443
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-#
-# Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-# Pass Phrase Dialog:
-# Configure the pass phrase gathering process.
-# The filtering dialog program (`builtin' is a internal
-# terminal dialog) has to provide the pass phrase on stdout.
-SSLPassPhraseDialog builtin
-
-# Inter-Process Session Cache:
-# Configure the SSL Session Cache: First either `none'
-# or `dbm:/path/to/file' for the mechanism to use and
-# second the expiring timeout (in seconds).
-#SSLSessionCache none
-#SSLSessionCache dbm:logs/ssl_scache
-SSLSessionCache shm:/var/run/ssl_scache(512000)
-SSLSessionCacheTimeout 300
-
-# Semaphore:
-# Configure the path to the mutual explusion semaphore the
-# SSL engine uses internally for inter-process synchronization.
-SSLMutex file:/var/run/ssl_mutex
-
-# Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the
-# SSL library. The seed data should be of good random quality.
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-#SSLRandomSeed startup file:/dev/random 512
-#SSLRandomSeed startup file:/dev/urandom 512
-#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
-
-# Logging:
-# The home of the dedicated SSL protocol logfile. Errors are
-# additionally duplicated in the general error log file. Put
-# this somewhere where it cannot be used for symlink attacks on
-# a real server (i.e. somewhere where only root can write).
-# Log levels are (ascending order: higher ones include lower ones):
-# none, error, warn, info, trace, debug.
-SSLLog /var/log/httpd/ssl_engine_log
-SSLLogLevel info
-
-<VirtualHost _default_:443>
-SSLEngine on
-#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-SSLCertificateFile /etc/httpd/server.crt
-SSLCertificateKeyFile /etc/httpd/server.key
-#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
-#SSLCACertificatePath /etc/httpd/conf/ssl.crt
-#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt
-#SSLCARevocationPath /etc/httpd/conf/ssl.crl
-#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl
-#SSLVerifyClient require
-#SSLVerifyDepth 10
-
-#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
-<Files ~ "\.(cgi|shtml)$">
- SSLOptions +StdEnvVars
-</Files>
-<Directory "/home/httpd/html/cgi-bin">
- SSLOptions +StdEnvVars
-</Directory>
-SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-CustomLog /var/log/httpd/ssl_request_log \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
-</VirtualHost>