43 lines
1.2 KiB
Plaintext
43 lines
1.2 KiB
Plaintext
LoadModule ssl_module modules/mod_ssl.so
|
|
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
|
|
|
SSLRandomSeed startup file:/dev/urandom 512
|
|
SSLRandomSeed connect builtin
|
|
|
|
Listen 443
|
|
|
|
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
|
|
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES:!ADH
|
|
SSLHonorCipherOrder on
|
|
SSLProtocol all -SSLv3
|
|
SSLProxyProtocol all -SSLv3
|
|
SSLPassPhraseDialog builtin
|
|
SSLSessionCache "shmcb:/var/cache/mod_ssl/scache(512000)"
|
|
SSLSessionCacheTimeout 300
|
|
|
|
<VirtualHost _default_:443>
|
|
DocumentRoot "/app/public"
|
|
ServerName www.example.com:443
|
|
ServerAdmin you@example.com
|
|
ErrorLog logs/ssl_error.log
|
|
TransferLog logs/ssl_access.log
|
|
|
|
SSLEngine on
|
|
|
|
SSLCertificateFile /etc/letsencrypt/live/${WEB_URL}/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/${WEB_URL}/privkey.pem
|
|
|
|
<FilesMatch "\.(cgi|shtml|phtml|php)$">
|
|
SSLOptions +StdEnvVars
|
|
</FilesMatch>
|
|
<Directory "/app/public/cgi-bin">
|
|
SSLOptions +StdEnvVars
|
|
</Directory>
|
|
|
|
BrowserMatch "MSIE [2-5]" \
|
|
nokeepalive ssl-unclean-shutdown \
|
|
downgrade-1.0 force-response-1.0
|
|
|
|
CustomLog logs/ssl_request.log \
|
|
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
|
|
</VirtualHost> |