]>
Commit | Line | Data |
---|---|---|
e5988e0f ER |
1 | --- mod_nss-1.0.8/nss.conf.in~ 2006-10-20 18:23:39.000000000 +0300 |
2 | +++ mod_nss-1.0.8/nss.conf.in 2008-10-03 23:49:38.490473661 +0300 | |
3 | @@ -1,4 +1,5 @@ | |
af964ecd ER |
4 | -# |
5 | +LoadModule nss_module modules/libmodnss.so | |
6 | + | |
7 | # This is the Apache server configuration file providing SSL support using. | |
8 | # the mod_nss plugin. It contains the configuration directives to instruct | |
e5988e0f ER |
9 | # the server how to serve pages over an https connection. |
10 | @@ -8,14 +9,15 @@ | |
11 | # consult the online docs. You have been warned. | |
af964ecd ER |
12 | # |
13 | ||
14 | +<IfModule mod_nss.c> | |
15 | # | |
16 | # When we also provide SSL we have to listen to the | |
e5988e0f ER |
17 | # standard HTTP port (see above) and to the HTTPS port |
18 | # | |
70fac32b ER |
19 | # Note: Configurations that use IPv6 but not IPv4-mapped addresses need two |
20 | -# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" | |
21 | +# Listen directives: "Listen [::]:8443" and "Listen 0.0.0.0:8443" | |
22 | # | |
23 | -Listen 443 | |
24 | +Listen 8443 | |
25 | ||
e5988e0f ER |
26 | ## |
27 | ## SSL Global Context | |
28 | @@ -68,17 +70,17 @@ | |
29 | ## SSL Virtual Host Context | |
70fac32b ER |
30 | ## |
31 | ||
32 | -<VirtualHost _default_:443> | |
33 | +<VirtualHost _default_:8443> | |
34 | ||
35 | # General setup for the virtual host | |
36 | -#DocumentRoot "@apache_prefix@/htdocs" | |
37 | -#ServerName www.example.com:443 | |
38 | +#DocumentRoot "/home/services/httpd/html" | |
39 | +#ServerName www.example.com:8443 | |
40 | #ServerAdmin you@example.com | |
41 | ||
42 | # mod_nss can log to separate log files, you can choose to do that if you'd like | |
43 | # LogLevel is not inherited from httpd.conf. | |
44 | -#ErrorLog @apache_prefix@/logs/error_log | |
45 | -#TransferLog @apache_prefix@/logs/access_log | |
46 | +#ErrorLog logs/error_log | |
47 | +#TransferLog logs/access_log | |
48 | LogLevel warn | |
49 | ||
e5988e0f ER |
50 | # SSL Engine Switch: |
51 | @@ -113,7 +115,7 @@ | |
52 | # The NSS security database directory that holds the certificates and | |
90adf98b ER |
53 | # keys. The database consists of 3 files: cert8.db, key3.db and secmod.db. |
54 | # Provide the directory that these files exist. | |
55 | -NSSCertificateDatabase @apache_conf@ | |
56 | +NSSCertificateDatabase @apache_conf@/nss | |
57 | ||
58 | # Database Prefix: | |
e5988e0f ER |
59 | # In order to be able to store multiple NSS databases in one directory |
60 | @@ -126,6 +128,14 @@ | |
61 | # require. | |
62 | #NSSVerifyClient none | |
63 | ||
64 | + | |
65 | +# By default mod_nss will not start up if the server certificate is not | |
66 | +# valid. This means that if the certificate has expired or is signed by a CA | |
67 | +# that is not trusted in the NSS certificate database the server will not | |
68 | +# start. | |
69 | +# Not enforcing a valid server certificate is not recommended. | |
70 | +NSSEnforceValidCerts off | |
71 | + | |
72 | # | |
73 | # Online Certificate Status Protocol (OCSP). | |
74 | # Verify that certificates have not been revoked before accepting them. | |
75 | @@ -189,7 +199,7 @@ | |
76 | <Files ~ "\.(cgi|shtml|phtml|php3?)$"> | |
70fac32b ER |
77 | NSSOptions +StdEnvVars |
78 | </Files> | |
79 | -<Directory "@apache_prefix@/cgi-bin"> | |
80 | +<Directory "/home/services/httpd/cgi-bin"> | |
81 | NSSOptions +StdEnvVars | |
82 | </Directory> | |
e5988e0f ER |
83 | |
84 | @@ -201,3 +211,4 @@ | |
85 | ||
86 | </VirtualHost> | |
87 | ||
af964ecd | 88 | +</IfModule> |