[packages/apache] Move SSLProtocol and SSLCipherSuite directives to be global default (which can overrided on per vhos
arekm
arekm at pld-linux.org
Wed Apr 10 15:13:51 CEST 2013
commit 0ce0b73693c536f832cf5d219664fe8d849417b3
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Wed Apr 10 15:12:57 2013 +0200
Move SSLProtocol and SSLCipherSuite directives to be global default
(which can overrided on per vhost basis).
apache-mod_ssl.conf | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
---
diff --git a/apache-mod_ssl.conf b/apache-mod_ssl.conf
index 949bbb0..4da2c7d 100644
--- a/apache-mod_ssl.conf
+++ b/apache-mod_ssl.conf
@@ -58,15 +58,6 @@ SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/httpd/ssl_scache(512000)
SSLSessionCacheTimeout 300
-##
-## SSL Virtual Host Context
-##
-
-<VirtualHost _default_:443>
-# SSL Engine Switch:
-# Enable/Disable SSL for this virtual host.
-SSLEngine on
-
# Usable SSL protocol flavors:
# This directive can be used to control the SSL protocol flavors mod_ssl
# should use when establishing its server environment. Clients then can only
@@ -78,6 +69,16 @@ SSLProtocol all -SSLv2
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXP:!LOW:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
+
+##
+## SSL Virtual Host Context
+##
+
+<VirtualHost _default_:443>
+# SSL Engine Switch:
+# Enable/Disable SSL for this virtual host.
+SSLEngine on
+
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/apache.git/commitdiff/0ce0b73693c536f832cf5d219664fe8d849417b3
More information about the pld-cvs-commit
mailing list