Eolisation d'un Fournisseur d'identité Shibboleth / Eole Shibboleth IDP integration
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

idp-default-ssl.conf 1.7KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546
  1. <IfModule mod_ssl.c>
  2. <VirtualHost _default_:443>
  3. ServerName %%nom_domaine_machine:443
  4. ServerAlias %%idpDomain
  5. ServerAdmin %%system_mail_to
  6. DocumentRoot /var/www/html
  7. ErrorLog ${APACHE_LOG_DIR}/error.log
  8. CustomLog ${APACHE_LOG_DIR}/access.log combined
  9. ErrorDocument 400 /error/
  10. ErrorDocument 401 /error/
  11. ErrorDocument 403 /error/
  12. ErrorDocument 404 /error/
  13. ErrorDocument 500 /error/
  14. ErrorDocument 503 /error/
  15. ErrorDocument 504 /error/
  16. SSLEngine on
  17. SSLProtocol all -SSLv2 -SSLv3 -TLSv1
  18. SSLCipherSuite "kEDH+AESGCM:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-GCMSHA384:ECDHE-RSA-AES256-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSAAES256-SHA384:ECDHE-ECDSA-AES256-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSAAES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA256:AES256-GCM-SHA384:!3DES:!DES:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-SHA:!EDE3:!EDH-DSS-CBC-SHA:!EDH-DSSDES-CBC3-SHA:!EDH-RSA-DES-CBC-SHA:!EDH-RSA-DES-CBC3-SHA:!EXP-EDH-DSS-DES-CBCSHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXPORT:!MD5:!PSK:!RC4-SHA:!aNULL:!eNULL"
  19. SSLHonorCipherOrder on
  20. SSLCompression Off
  21. Header always set Strict-Transport-Security "max-age=63072000;includeSubDomains"
  22. SSLCertificateFile %%server_cert
  23. SSLCertificateKeyFile %%server_key
  24. <FilesMatch "\.(cgi|shtml|phtml|php)$">
  25. SSLOptions +StdEnvVars
  26. </FilesMatch>
  27. <Directory /usr/lib/cgi-bin>
  28. SSLOptions +StdEnvVars
  29. </Directory>
  30. <Location /error>
  31. AllowOverride All
  32. Options +Indexes
  33. Require all granted
  34. </Location>
  35. </VirtualHost>
  36. </IfModule>
  37. # vim: syntax=apache ts=4 sw=4 sts=4 sr noet