components/apache2/patches/ssl.conf.patch
author Petr Sumbera <petr.sumbera@oracle.com>
Tue, 18 Nov 2014 05:26:28 -0800
changeset 2223 2bbd29293854
parent 714 b205ca9f0d84
child 4052 dd17ecf751c3
permissions -rw-r--r--
18764604 Apache should not enable pkcs11 engine by default on T4/T4+ platforms
Patch origin: in-house
Patch status: Solaris-specific; not suitable for upstream

--- docs/conf/extra/httpd-ssl.conf.in	Wed Jan  4 12:10:40 2012
+++ docs/conf/extra/httpd-ssl.conf.in	Mon Feb 27 07:09:48 2012
@@ -22,11 +22,16 @@
 # Manual for more details.
 #
 #SSLRandomSeed startup file:/dev/random  512
-#SSLRandomSeed startup file:/dev/urandom 512
+SSLRandomSeed startup file:/dev/urandom 512
 #SSLRandomSeed connect file:/dev/random  512
-#SSLRandomSeed connect file:/dev/urandom 512
+SSLRandomSeed connect file:/dev/urandom 512
 
+#
+# Enable Solaris crypto framework (recommended for T1/T2/T3 based systems)
+#
+#SSLCryptoDevice pkcs11
 
+
 #
 # When we also provide SSL we have to listen to the 
 # standard HTTP port (see above) and to the HTTPS port
@@ -75,7 +80,7 @@
 
 #   General setup for the virtual host
 DocumentRoot "@[email protected]"
-ServerName www.example.com:@@[email protected]@
+ServerName 127.0.0.1:@@[email protected]@
 ServerAdmin [email protected]
 ErrorLog "@[email protected]/error_log"
 TransferLog "@[email protected]/access_log"