X-Git-Url: https://git.tld-linux.org/?p=packages%2Fapache.git;a=blobdiff_plain;f=apache-mod_ssl.conf;h=ea88204eef0671ee53b0966f3cdc61bbdd0a5fc5;hp=6645b96d8e906bde1264408b3d1f1a4d161e9f1c;hb=160c6597096811daf9c81504691db73fde329da1;hpb=f3212e095eae362fe56bc1be2b60151ac2d5fd20 diff --git a/apache-mod_ssl.conf b/apache-mod_ssl.conf index 6645b96..ea88204 100644 --- a/apache-mod_ssl.conf +++ b/apache-mod_ssl.conf @@ -18,6 +18,10 @@ LoadModule ssl_module modules/mod_ssl.so # block. So, if available, use this one instead. Read the mod_ssl User # Manual for more details. # + +SSLRandomSeed startup file:/dev/urandom 256 +SSLRandomSeed connect builtin + #SSLRandomSeed startup file:/dev/random 512 #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomSeed connect file:/dev/random 512 @@ -50,18 +54,12 @@ SSLPassPhraseDialog builtin # Configure the SSL Session Cache: First the mechanism # to use and second the expiring timeout (in seconds). #SSLSessionCache dbm:/var/cache/httpd/ssl_scache -#SSLSessionCache shmcb:/var/run/ssl_scache(512000) -SSLSessionCache shmcb:/var/cache/httpd/ssl_scache(512000) -SSLSessionCacheTimeout 300 - -## -## SSL Virtual Host Context -## +#SSLSessionCache shmcb:/var/cache/httpd/ssl_scache(512000) - -# SSL Engine Switch: -# Enable/Disable SSL for this virtual host. -SSLEngine on +# Replace this with one of the above (addition apache-mod_socache +# needs to be installed and a apropriate module has to be loaded) +SSLSessionCache nonenotnull +SSLSessionCacheTimeout 300 # Usable SSL protocol flavors: # This directive can be used to control the SSL protocol flavors mod_ssl @@ -74,6 +72,16 @@ SSLProtocol all -SSLv2 # See the mod_ssl documentation for a complete list. SSLCipherSuite ALL:!ADH:!EXP:!LOW:!SSLv2:RC4+RSA:+HIGH:+MEDIUM + +## +## SSL Virtual Host Context +## + + +# SSL Engine Switch: +# Enable/Disable SSL for this virtual host. +SSLEngine on + # Server Certificate: # Point SSLCertificateFile at a PEM encoded certificate. If # the certificate is encrypted, then you will be prompted for a