X-Git-Url: https://git.pld-linux.org/?p=packages%2Fapache.git;a=blobdiff_plain;f=apache-mod_ssl-vhost.conf;h=1cef405e7aa8cb613de0856d6c7338568e43d9d6;hp=ea3e5b7b9e87ab0be0caecacc2f5b2ed0f45373b;hb=e31ca1d3165a8716680ac91e00d32ce16d744c7c;hpb=a17477883a8df0169fb02afa4162a73efd082d9d diff --git a/apache-mod_ssl-vhost.conf b/apache-mod_ssl-vhost.conf index ea3e5b7..1cef405 100644 --- a/apache-mod_ssl-vhost.conf +++ b/apache-mod_ssl-vhost.conf @@ -41,12 +41,6 @@ Listen 443 ## the main server and all SSL-enabled virtual hosts. ## -# -# Some MIME-types for downloading Certificates and CRLs -# -AddType application/x-x509-ca-cert .crt -AddType application/x-pkcs7-crl .crl - # Pass Phrase Dialog: # Configure the pass phrase gathering process. # The filtering dialog program (`builtin' is a internal @@ -70,15 +64,8 @@ SSLMutex file:/var/run/httpd/ssl_mutex ## SSL Virtual Host Context ## - - -# General setup for the virtual host -DocumentRoot "/home/services/httpd/html" -ServerName www.example.com:443 -ServerAdmin you@example.com -ErrorLog logs/error_log -TransferLog logs/access_log - +NameVirtualHost *:443 + # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on @@ -86,7 +73,7 @@ SSLEngine on # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. -SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL +SSLCipherSuite ALL:!ADH:!EXP:!LOW:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+eNULL # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If @@ -217,14 +204,18 @@ SSLCertificateKeyFile /etc/httpd/ssl/server.key # Similarly, one has to force some clients to use HTTP/1.0 to workaround # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and # "force-response-1.0" for this. -BrowserMatch ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 + + BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 + # Per-Server Logging: # The home of a custom SSL log file. Use this when you want a # compact non-error SSL logfile on a virtual host basis. -CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" +# +# CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" +# # enable common log too, otherwise you be suprised of no access logs +# CustomLog logs/access_log common +#