Sync Apache2 SSL config with Debian Lenny default.

author: root <root@borneuni.dk> 2008-09-21 12:41:31 +0200
committer: root <root@borneuni.dk> 2008-09-21 12:41:31 +0200
commit: ea52763c483cd4ad4418aaac746ea54161333d90 (patch)
tree: 813c2bd008c07e0ba25ca2927f3cc2a8e3b2b123 /apache2/conf.d
parent: 0e9ffed62502b288048ee5108c650d619f5d2f44 (diff)
1 files changed, 11 insertions, 5 deletions
diff --git a/apache2/conf.d/local-ssl.conf b/apache2/conf.d/local-ssl.conf
index 4665362..4e1de50 100644
--- a/apache2/conf.d/local-ssl.conf
+++ b/apache2/conf.d/local-ssl.conf
@@ -1,17 +1,23 @@
 SSLEngine on
 SSLCertificateFile /etc/ssl/certs/apache2.pem
 SSLCertificateKeyFile /etc/ssl/private/apache2.pem
-SSLCACertificatePath /etc/ssl/certs
-#SSLCARevocationPath /etc/apache2/ssl.crl
+SSLCACertificatePath /etc/ssl/certs/
+#SSLCARevocationPath /etc/apache2/ssl.crl/
 #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
+
 #SSLVerifyClient require
 #SSLVerifyDepth  10
 
-<Files ~ "\.(cgi|shtml|phtml|php3?)$">
+#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+<FilesMatch "\.(cgi|shtml|phtml|php)$">
 	SSLOptions +StdEnvVars
-</Files>
-<Directory "/usr/lib/cgi-bin">
+</FilesMatch>
+<Directory /usr/lib/cgi-bin>
 	SSLOptions +StdEnvVars
 </Directory>
 
+BrowserMatch ".*MSIE.*" \
+	nokeepalive ssl-unclean-shutdown \
+	downgrade-1.0 force-response-1.0
+
 #CustomLog /var/log/apache2/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
author	root <root@borneuni.dk>	2008-09-21 12:41:31 +0200
committer	root <root@borneuni.dk>	2008-09-21 12:41:31 +0200
commit	ea52763c483cd4ad4418aaac746ea54161333d90 (patch)
tree	813c2bd008c07e0ba25ca2927f3cc2a8e3b2b123 /apache2/conf.d
parent	0e9ffed62502b288048ee5108c650d619f5d2f44 (diff)