--- a/components/apache2/patches/ssl.conf.patch Tue Mar 06 10:46:23 2012 -0800
+++ b/components/apache2/patches/ssl.conf.patch Tue Mar 06 11:23:40 2012 -0800
@@ -1,6 +1,6 @@
---- docs/conf/extra/httpd-ssl.conf.in.orig Thu May 12 11:44:53 2011
-+++ docs/conf/extra/httpd-ssl.conf.in Thu May 12 11:46:45 2011
-@@ -22,9 +22,10 @@
+--- docs/conf/extra/httpd-ssl.conf.in Wed Jan 4 12:10:40 2012
++++ docs/conf/extra/httpd-ssl.conf.in Mon Feb 27 07:09:48 2012
+@@ -22,11 +22,16 @@
# Manual for more details.
#
#SSLRandomSeed startup file:/dev/random 512
@@ -9,11 +9,17 @@
#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
+SSLRandomSeed connect file:/dev/urandom 512
+
++#
++# Enable Solaris crypto framework
++#
+SSLCryptoDevice pkcs11
-
++
#
-@@ -75,7 +76,7 @@
+ # When we also provide SSL we have to listen to the
+ # standard HTTP port (see above) and to the HTTPS port
+@@ -75,7 +80,7 @@
# General setup for the virtual host
DocumentRoot "@exp_htdocsdir@"
@@ -22,17 +28,3 @@
ServerAdmin [email protected]
ErrorLog "@exp_logfiledir@/error_log"
TransferLog "@exp_logfiledir@/access_log"
-@@ -87,8 +88,12 @@
- # SSL Cipher Suite:
- # List the ciphers that the client is permitted to negotiate.
- # See the mod_ssl documentation for a complete list.
--SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-+# AES with keylengths > 128 bit is not supported by default on Solaris.
-+# To operate with AES256 you must install the SUNWcry and SUNWcryr
-+# packages from the Solaris 10 Data Encryption Kit.
-+SSLCipherSuite ALL:!ADH:!EXPORT56:-AES256-SHA:-DHE-RSA-AES256-SHA:-DHE-DSS-AES256-SHA:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-
-+
- # Server Certificate:
- # Point SSLCertificateFile at a PEM encoded certificate. If
- # the certificate is encrypted, then you will be prompted for a