From ec28c7611750289d790091d511d049ff94ddf1d6 Mon Sep 17 00:00:00 2001 From: bonkey Date: Thu, 20 Apr 2000 22:39:47 +0000 Subject: [PATCH] - based on config from mod_ssl - working but probably a little incompatible (eg. /var/run/ssl_scache) Changed files: apache-mod_ssl-vhost.conf -> 1.2 apache-mod_ssl.conf -> 1.2 --- apache-mod_ssl-vhost.conf | 34 ++++++++++++++++++++++++++++++---- apache-mod_ssl.conf | 34 ++++++++++++++++++++++++++++++---- 2 files changed, 60 insertions(+), 8 deletions(-) diff --git a/apache-mod_ssl-vhost.conf b/apache-mod_ssl-vhost.conf index 7c9f561..795a3c3 100644 --- a/apache-mod_ssl-vhost.conf +++ b/apache-mod_ssl-vhost.conf @@ -1,4 +1,5 @@ -LoadModule ssl_module /usr/lib/apache/libssl.so +LoadModule ssl_module lib/apache/libssl.so +AddModule mod_ssl.c ##-------------------------------------------------------------------------- ## Add additional SSL configuration directives which provide a @@ -38,13 +39,13 @@ SSLPassPhraseDialog builtin # second the expiring timeout (in seconds). #SSLSessionCache none #SSLSessionCache dbm:logs/ssl_scache -SSLSessionCache shm:logs/ssl_scache(512000) +SSLSessionCache shm:/var/run/ssl_scache(512000) SSLSessionCacheTimeout 300 # Semaphore: # Configure the path to the mutual explusion semaphore the # SSL engine uses internally for inter-process synchronization. -SSLMutex file:logs/ssl_mutex +SSLMutex file:/var/run/ssl_mutex # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the 
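Review bot: `SSLSessionCache shm:/var/run/ssl_scache(512000)` and `SSLMutex file:/var/run/ssl_mutex` move both state files to fixed names under /var/run, but the surrounding comments never say who may write to that directory. The file's own SSLLog comment already asks for a location "where only root can write"; the same requirement is worth stating here, for example `# /var/run must be writable by root only (cache and mutex files use fixed names)`. The commented alternative `#SSLSessionCache dbm:logs/ssl_scache` still points at logs/, so switching backends would move the cache back to a ServerRoot-relative path; changing it to `dbm:/var/run/ssl_scache` keeps the two consistent. The identical hunk in apache-mod_ssl.conf has the same gaps.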
@@ -63,6 +64,31 @@ SSLRandomSeed connect builtin # a real server (i.e. somewhere where only root can write). # Log levels are (ascending order: higher ones include lower ones): # none, error, warn, info, trace, debug. -SSLLog logs/ssl_engine_log +SSLLog /var/log/httpd/ssl_engine_log SSLLogLevel info + +SSLEngine on +#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +SSLCertificateFile /etc/httpd/server.crt +SSLCertificateKeyFile /etc/httpd/server.key +#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt +#SSLCACertificatePath /etc/httpd/conf/ssl.crt +#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt +#SSLCARevocationPath /etc/httpd/conf/ssl.crl +#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl +#SSLVerifyClient require +#SSLVerifyDepth 10 + +#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + +SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown +CustomLog /var/log/httpd/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + diff --git a/apache-mod_ssl.conf b/apache-mod_ssl.conf index 7c9f561..795a3c3 100644 --- a/apache-mod_ssl.conf +++ b/apache-mod_ssl.conf @@ -1,4 +1,5 @@ -LoadModule ssl_module /usr/lib/apache/libssl.so +LoadModule ssl_module lib/apache/libssl.so +AddModule mod_ssl.c ##-------------------------------------------------------------------------- ## Add additional SSL configuration directives which provide a 
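Review bot: The commented template `#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL` added after `SSLEngine on` only reorders the LOW, SSLv2 and EXP groups, so an administrator who uncomments it still offers low-strength, export-grade and SSLv2 suites. I would ship a stricter example such as `#SSLCipherSuite HIGH:MEDIUM:!ADH:!LOW:!EXP:!SSLv2`, or label the existing line as a legacy-compatibility setting. `SSLCertificateKeyFile /etc/httpd/server.key` also deserves a preceding comment, for instance `# server.key: owner root, mode 0600`, since nothing in the hunk documents how the private key is protected. The active certificate and key sit directly in /etc/httpd while every commented CA/CRL example uses /etc/httpd/conf/ssl.crt and ssl.crl; one layout would be easier to audit. The same lines appear in the last hunk of apache-mod_ssl.conf.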
@@ -38,13 +39,13 @@ SSLPassPhraseDialog builtin # second the expiring timeout (in seconds). #SSLSessionCache none #SSLSessionCache dbm:logs/ssl_scache -SSLSessionCache shm:logs/ssl_scache(512000) +SSLSessionCache shm:/var/run/ssl_scache(512000) SSLSessionCacheTimeout 300 # Semaphore: # Configure the path to the mutual explusion semaphore the # SSL engine uses internally for inter-process synchronization. -SSLMutex file:logs/ssl_mutex +SSLMutex file:/var/run/ssl_mutex # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the @@ -63,6 +64,31 @@ SSLRandomSeed connect builtin # a real server (i.e. somewhere where only root can write). # Log levels are (ascending order: higher ones include lower ones): # none, error, warn, info, trace, debug. -SSLLog logs/ssl_engine_log +SSLLog /var/log/httpd/ssl_engine_log SSLLogLevel info + +SSLEngine on +#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +SSLCertificateFile /etc/httpd/server.crt +SSLCertificateKeyFile /etc/httpd/server.key +#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt +#SSLCACertificatePath /etc/httpd/conf/ssl.crt +#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt +#SSLCARevocationPath /etc/httpd/conf/ssl.crl +#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl +#SSLVerifyClient require +#SSLVerifyDepth 10 + +#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + +SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown +CustomLog /var/log/httpd/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + -- 2.44.0