diff options
| author | mh <mh@immerda.ch> | 2008-04-24 15:17:42 +0000 |
|---|---|---|
| committer | mh <mh@immerda.ch> | 2008-04-24 15:17:42 +0000 |
| commit | 43328e80a5508e3ee931a7b10a9ca0667081d232 (patch) | |
| tree | 2a40929c01d4e79c0e1dadeeee54a3b4f5e5d5fc /files | |
| parent | 558a9175bfdf9a559642be31d49264e642612d86 (diff) | |
added default centos file and made sources more configurable
Diffstat (limited to 'files')
| -rw-r--r-- | files/centos/ssl.conf | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/files/centos/ssl.conf b/files/centos/ssl.conf index f03fc73..647a4a4 100644 --- a/files/centos/ssl.conf +++ b/files/centos/ssl.conf @@ -16,9 +16,6 @@ LoadModule ssl_module modules/mod_ssl.so # the HTTPS port in addition. # Listen 443 -NameVirtualHost *:443 -LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{SSL_PROTOCOL}x %{SSL_CIPHER}x" sslcombined -UseCanonicalName On ## ## SSL Global Context @@ -81,7 +78,7 @@ SSLCryptoDevice builtin ## SSL Virtual Host Context ## -<VirtualHost *:443> +<VirtualHost _default_:443> # General setup for the virtual host, inherited from global configuration #DocumentRoot "/var/www/html" @@ -105,22 +102,21 @@ SSLProtocol all -SSLv2 # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. # See the mod_ssl documentation for a complete list. -#SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW -SSLCipherSuite HIGH:MEDIUM:!ADH:-SSLv2 +SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a # pass phrase. Note that a kill -HUP will prompt again. A new # certificate can be generated using the genkey(1) command. -SSLCertificateFile /e/certs/server.crt +SSLCertificateFile /etc/pki/tls/certs/localhost.crt # Server Private Key: # If the key is not combined with the certificate, use this # directive to point at the key file. Keep in mind that if # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) -SSLCertificateKeyFile /e/certs/server.key +SSLCertificateKeyFile /etc/pki/tls/private/localhost.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the @@ -229,6 +225,5 @@ SetEnvIf User-Agent ".*MSIE.*" \ CustomLog logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" -ServerSignature off </VirtualHost> |