Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <VirtualHost _default_:443>
- # General setup for the virtual host
- DocumentRoot "D:/htdocs/secure"
- ServerName localhost:443
- ServerAdmin admin@localhost
- ErrorLog logs/error.log
- <IfModule log_config_module>
- CustomLog logs/access.log combined
- </IfModule>
- # SSL Engine Switch:
- # Enable/Disable SSL for this virtual host.
- SSLEngine on
- # SSL Cipher Suite:
- # List the ciphers that the client is permitted to negotiate.
- # See the mod_ssl documentation for a complete list.
- SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
- # Server Certificate:
- # Point SSLCertificateFile at a PEM encoded certificate. If
- # the certificate is encrypted, then you will be prompted for a
- # pass phrase. Note that a kill -HUP will prompt again. Keep
- # in mind that if you have both an RSA and a DSA certificate you
- # can configure both in parallel (to also allow the use of DSA
- # ciphers, etc.)
- #SSLCertificateFile conf/ssl.crt/server-rsa.crt
- #SSLCertificateFile conf/ssl.crt/server-dsa.crt
- SSLCertificateFile conf/ssl.crt/server.crt
- # Server Private Key:
- # If the key is not combined with the certificate, use this
- # directive to point at the key file. Keep in mind that if
- # you've both a RSA and a DSA private key you can configure
- # both in parallel (to also allow the use of DSA ciphers, etc.)
- #SSLCertificateKeyFile conf/ssl.key/server-rsa.key
- #SSLCertificateKeyFile conf/ssl.key/server-dsa.key
- SSLCertificateKeyFile conf/ssl.key/server.key
- # Server Certificate Chain:
- # Point SSLCertificateChainFile at a file containing the
- # concatenation of PEM encoded CA certificates which form the
- # certificate chain for the server certificate. Alternatively
- # the referenced file can be the same as SSLCertificateFile
- # when the CA certificates are directly appended to the server
- # certificate for convinience.
- SSLCertificateChainFile conf/ssl.crt/server-ca.crt
- # Certificate Authority (CA):
- # Set the CA certificate verification path where to find CA
- # certificates for client authentication or alternatively one
- # huge file containing all of them (file must be PEM encoded)
- # Note: Inside SSLCACertificatePath you need hash symlinks
- # to point to the certificate files. Use the provided
- # Makefile to update the hash symlinks after changes.
- #SSLCACertificatePath conf/ssl.crt
- #SSLCACertificateFile conf/ssl.crt/server-ca.crt
- # Certificate Revocation Lists (CRL):
- # Set the CA revocation path where to find CA CRLs for client
- # authentication or alternatively one huge file containing all
- # of them (file must be PEM encoded)
- # Note: Inside SSLCARevocationPath you need hash symlinks
- # to point to the certificate files. Use the provided
- # Makefile to update the hash symlinks after changes.
- #SSLCARevocationPath conf/ssl.crl
- #SSLCARevocationFile conf/ssl.crl/server.crl
- # Client Authentication (Type):
- # Client certificate verification type and depth. Types are
- # none, optional, require and optional_no_ca. Depth is a
- # number which specifies how deeply to verify the certificate
- # issuer chain before deciding the certificate is not valid.
- #SSLVerifyClient require
- #SSLVerifyDepth 10
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement