<VirtualHost _default_:443> # General setup for the virtual host Doc

1. <VirtualHost _default_:443>
2. # General setup for the virtual host
3. DocumentRoot "D:/htdocs/secure"
4.  
5. ServerName localhost:443
6. ServerAdmin admin@localhost
7.  
8. ErrorLog logs/error.log
9. <IfModule log_config_module>
10. CustomLog logs/access.log combined
11. </IfModule>
12.  
13. # SSL Engine Switch:
14. # Enable/Disable SSL for this virtual host.
15. SSLEngine on
16.  
17. # SSL Cipher Suite:
18. # List the ciphers that the client is permitted to negotiate.
19. # See the mod_ssl documentation for a complete list.
20. SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
21.  
22. # Server Certificate:
23. # Point SSLCertificateFile at a PEM encoded certificate. If
24. # the certificate is encrypted, then you will be prompted for a
25. # pass phrase. Note that a kill -HUP will prompt again. Keep
26. # in mind that if you have both an RSA and a DSA certificate you
27. # can configure both in parallel (to also allow the use of DSA
28. # ciphers, etc.)
29. #SSLCertificateFile conf/ssl.crt/server-rsa.crt
30. #SSLCertificateFile conf/ssl.crt/server-dsa.crt
31. SSLCertificateFile conf/ssl.crt/server.crt
32.  
33. # Server Private Key:
34. # If the key is not combined with the certificate, use this
35. # directive to point at the key file. Keep in mind that if
36. # you've both a RSA and a DSA private key you can configure
37. # both in parallel (to also allow the use of DSA ciphers, etc.)
38. #SSLCertificateKeyFile conf/ssl.key/server-rsa.key
39. #SSLCertificateKeyFile conf/ssl.key/server-dsa.key
40. SSLCertificateKeyFile conf/ssl.key/server.key
41.  
42. # Server Certificate Chain:
43. # Point SSLCertificateChainFile at a file containing the
44. # concatenation of PEM encoded CA certificates which form the
45. # certificate chain for the server certificate. Alternatively
46. # the referenced file can be the same as SSLCertificateFile
47. # when the CA certificates are directly appended to the server
48. # certificate for convinience.
49. SSLCertificateChainFile conf/ssl.crt/server-ca.crt
50.  
51. # Certificate Authority (CA):
52. # Set the CA certificate verification path where to find CA
53. # certificates for client authentication or alternatively one
54. # huge file containing all of them (file must be PEM encoded)
55. # Note: Inside SSLCACertificatePath you need hash symlinks
56. # to point to the certificate files. Use the provided
57. # Makefile to update the hash symlinks after changes.
58. #SSLCACertificatePath conf/ssl.crt
59. #SSLCACertificateFile conf/ssl.crt/server-ca.crt
60.  
61. # Certificate Revocation Lists (CRL):
62. # Set the CA revocation path where to find CA CRLs for client
63. # authentication or alternatively one huge file containing all
64. # of them (file must be PEM encoded)
65. # Note: Inside SSLCARevocationPath you need hash symlinks
66. # to point to the certificate files. Use the provided
67. # Makefile to update the hash symlinks after changes.
68. #SSLCARevocationPath conf/ssl.crl
69. #SSLCARevocationFile conf/ssl.crl/server.crl
70.  
71. # Client Authentication (Type):
72. # Client certificate verification type and depth. Types are
73. # none, optional, require and optional_no_ca. Depth is a
74. # number which specifies how deeply to verify the certificate
75. # issuer chain before deciding the certificate is not valid.
76. #SSLVerifyClient require
77. #SSLVerifyDepth 10