author | Petr Sumbera <petr.sumbera@oracle.com> |
Thu, 02 Jun 2011 00:54:08 -0700 | |
changeset 278 | 77b380ba9d84 |
child 714 | b205ca9f0d84 |
permissions | -rw-r--r-- |
278
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
1 |
--- docs/conf/extra/httpd-ssl.conf.in.orig Thu May 12 11:44:53 2011 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
2 |
+++ docs/conf/extra/httpd-ssl.conf.in Thu May 12 11:46:45 2011 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
3 |
@@ -22,9 +22,10 @@ |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
4 |
# Manual for more details. |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
5 |
# |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
6 |
#SSLRandomSeed startup file:/dev/random 512 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
7 |
-#SSLRandomSeed startup file:/dev/urandom 512 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
8 |
+SSLRandomSeed startup file:/dev/urandom 512 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
9 |
#SSLRandomSeed connect file:/dev/random 512 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
10 |
-#SSLRandomSeed connect file:/dev/urandom 512 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
11 |
+SSLRandomSeed connect file:/dev/urandom 512 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
12 |
+SSLCryptoDevice pkcs11 |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
13 |
|
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
14 |
|
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
15 |
# |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
16 |
@@ -75,7 +76,7 @@ |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
17 |
|
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
18 |
# General setup for the virtual host |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
19 |
DocumentRoot "@exp_htdocsdir@" |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
20 |
-ServerName www.example.com:@@SSLPort@@ |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
21 |
+ServerName 127.0.0.1:@@SSLPort@@ |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
22 |
ServerAdmin [email protected] |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
23 |
ErrorLog "@exp_logfiledir@/error_log" |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
24 |
TransferLog "@exp_logfiledir@/access_log" |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
25 |
@@ -87,8 +88,12 @@ |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
26 |
# SSL Cipher Suite: |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
27 |
# List the ciphers that the client is permitted to negotiate. |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
28 |
# See the mod_ssl documentation for a complete list. |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
29 |
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
30 |
+# AES with keylengths > 128 bit is not supported by default on Solaris. |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
31 |
+# To operate with AES256 you must install the SUNWcry and SUNWcryr |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
32 |
+# packages from the Solaris 10 Data Encryption Kit. |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
33 |
+SSLCipherSuite ALL:!ADH:!EXPORT56:-AES256-SHA:-DHE-RSA-AES256-SHA:-DHE-DSS-AES256-SHA:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
34 |
|
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
35 |
+ |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
36 |
# Server Certificate: |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
37 |
# Point SSLCertificateFile at a PEM encoded certificate. If |
77b380ba9d84
7045614 Move Apache Web server to userland
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
38 |
# the certificate is encrypted, then you will be prompted for a |