From 897ce41098acd66657c28464e665fafe0b075db5 Mon Sep 17 00:00:00 2001 From: Jonas Smedegaard Date: Mon, 19 Oct 2020 16:10:28 +0200 Subject: rename conf snippet local-ssl to local-tls --- apache2/conf-available/local-tls.conf | 67 +++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 apache2/conf-available/local-tls.conf (limited to 'apache2/conf-available/local-tls.conf') diff --git a/apache2/conf-available/local-tls.conf b/apache2/conf-available/local-tls.conf new file mode 100644 index 0000000..da6de62 --- /dev/null +++ b/apache2/conf-available/local-tls.conf @@ -0,0 +1,67 @@ + + + Define __TLSHOST + Define _TLSHOST ${_HOST} + + + + + Define __TLS_CERT_CHAIN + Define __TLS_KEY + Define _TLS_CERT_CHAIN /var/lib/dehydrated/certs/${_TLSHOST}/fullchain.pem + Define _TLS_KEY /var/lib/dehydrated/certs/${_TLSHOST}/privkey.pem + + + + + + + RedirectMatch permanent ^(?!/.well-known/)(.*) https://${_HOST}/$1 + + + + GnuTLSEnable on + + GnuTLSCertificateFile ${_TLS_CERT_CHAIN} + GnuTLSKeyFile ${_TLS_KEY} + + + GnuTLSOCSPStapling on + GnuTLSOCSPResponseFile ${_OCSP_RESPONSE} + + + GnuTLSOCSPStapling off + + + + + + SSLEngine on + + SSLCertificateFile ${_TLS_CERT_CHAIN} + SSLCertificateKeyFile ${_TLS_KEY} + + + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + + + + + + + Undefine _TLSHOST + Undefine __TLSHOST + + + Undefine _TLS_CERT_CHAIN + Undefine __TLS_CERT_CHAIN + + + Undefine _TLS_KEY + Undefine __TLS_KEY + -- cgit v1.2.3