Mercurial Mercurial > upstream > oracle > userland-gate / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/apache24/patches/ssl.conf.patch
branchs11u3-sru
changeset 4884 6ad716bfae77
parent 3877 d7cb5bc8ee50
equal deleted inserted replaced
4883:cd5ceed10e53 4884:6ad716bfae77 
     1 Patch origin: in-house
 
     1 Patch origin: in-house
 
     2 Patch status: Solaris-specific; not suitable for upstream
 
     2 Patch status: Solaris-specific; not suitable for upstream
 
       
     3 Patch status: SSLProtocol part submitted to upstream
 
       
     4 
       
     5 https://bz.apache.org/bugzilla/show_bug.cgi?id=57120
 
     3 
     6 
     4 --- docs/conf/extra/httpd-ssl.conf.in
 
     7 --- docs/conf/extra/httpd-ssl.conf.in
 
     5 +++ docs/conf/extra/httpd-ssl.conf.in
 
     8 +++ docs/conf/extra/httpd-ssl.conf.in
 
     6 @@ -24,9 +24,9 @@
 
     9 @@ -24,9 +24,9 @@
 
     7  # Manual for more details.
 
    10  # Manual for more details.
 
    22 +#   Enable FIPS 140 mode, this requires the openssl pkg mediator
 
    25 +#   Enable FIPS 140 mode, this requires the openssl pkg mediator
 
    23 +#   be set to install the fips-140 version of OpenSSL and mod_ssl.
 
    26 +#   be set to install the fips-140 version of OpenSSL and mod_ssl.
 
    24 +#SSLFIPS on 
    27 +#SSLFIPS on 
    25 +
 
    28 +
 
    26  #   SSL Cipher Suite:
 
    29  #   SSL Cipher Suite:
 
    27  #   List the ciphers that the client is permitted to negotiate.
 
    30  #   List the ciphers that the client is permitted to negotiate,
 
    28  #   See the mod_ssl documentation for a complete list.
 
    31  #   and that httpd will negotiate as the client of a proxied server.
 
    29 @@ -103,7 +107,7 @@
 
    32 @@ -73,11 +77,11 @@
 
       
    33  
       
    34  #   SSL Protocol support:
 
       
    35  #   List the protocol versions which clients are allowed to connect with.
 
       
    36 -#   Disable SSLv3 by default (cf. RFC 7525 3.1.1).  TLSv1 (1.0) should be
 
       
    37 +#   SSLv3 is disabled by default (cf. RFC 7525 3.1.1).  TLSv1 (1.0) should be
 
       
    38  #   disabled as quickly as practical.  By the end of 2016, only the TLSv1.2
 
       
    39  #   protocol or later should remain in use.
 
       
    40 -SSLProtocol all -SSLv3
 
       
    41 -SSLProxyProtocol all -SSLv3
 
       
    42 +SSLProtocol all
 
       
    43 +SSLProxyProtocol all
 
       
    44  
       
    45  #   Pass Phrase Dialog:
 
       
    46  #   Configure the pass phrase gathering process.
 
       
    47 @@ -122,7 +126,7 @@
 
    30  
    48  
    31  #   General setup for the virtual host
 
    49  #   General setup for the virtual host
 
    32  DocumentRoot "@exp_htdocsdir@"
 
    50  DocumentRoot "@exp_htdocsdir@"
 
    33 -ServerName www.example.com:@@SSLPort@@
 
    51 -ServerName www.example.com:@@SSLPort@@
 
    34 +ServerName 127.0.0.1:@@SSLPort@@
 
    52 +ServerName 127.0.0.1:@@SSLPort@@
upstream/oracle/userland-gate