-# $Id$
LoadModule ssl_module modules/mod_ssl.so
# This is the Apache server configuration file providing SSL support.
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
+
+SSLRandomSeed startup file:/dev/urandom 256
+SSLRandomSeed connect builtin
+
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
SSLSessionCache shmcb:/var/cache/httpd/ssl_scache(512000)
SSLSessionCacheTimeout 300
-# Semaphore:
-# Configure the path to the mutual exclusion semaphore the
-# SSL engine uses internally for inter-process synchronization.
-SSLMutex file:/var/run/httpd/ssl_mutex
+# Usable SSL protocol flavors:
+# This directive can be used to control the SSL protocol flavors mod_ssl
+# should use when establishing its server environment. Clients then can only
+# connect with one of the provided protocols.
+SSLProtocol all -SSLv2
+
+# SSL Cipher Suite:
+# List the ciphers that the client is permitted to negotiate.
+# See the mod_ssl documentation for a complete list.
+SSLCipherSuite ALL:!ADH:!EXP:!LOW:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
+
##
## SSL Virtual Host Context
##
-NameVirtualHost *:443
-<VirtualHost *:443>
+<VirtualHost _default_:443>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
-# SSL Cipher Suite:
-# List the ciphers that the client is permitted to negotiate.
-# See the mod_ssl documentation for a complete list.
-SSLCipherSuite ALL:!ADH:!EXP:!LOW:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+eNULL
-
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
projects / packages / apache.git / blobdiff