From ea52763c483cd4ad4418aaac746ea54161333d90 Mon Sep 17 00:00:00 2001
From: root <root@borneuni.dk>
Date: Sun, 21 Sep 2008 12:41:31 +0200
Subject: Sync Apache2 SSL config with Debian Lenny default.

---
 apache2/conf.d/local-ssl.conf | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'apache2')

diff --git a/apache2/conf.d/local-ssl.conf b/apache2/conf.d/local-ssl.conf
index 4665362..4e1de50 100644
--- a/apache2/conf.d/local-ssl.conf
+++ b/apache2/conf.d/local-ssl.conf
@@ -1,17 +1,23 @@
 SSLEngine on
 SSLCertificateFile /etc/ssl/certs/apache2.pem
 SSLCertificateKeyFile /etc/ssl/private/apache2.pem
-SSLCACertificatePath /etc/ssl/certs
-#SSLCARevocationPath /etc/apache2/ssl.crl
+SSLCACertificatePath /etc/ssl/certs/
+#SSLCARevocationPath /etc/apache2/ssl.crl/
 #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
+
 #SSLVerifyClient require
 #SSLVerifyDepth  10
 
-<Files ~ "\.(cgi|shtml|phtml|php3?)$">
+#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
+<FilesMatch "\.(cgi|shtml|phtml|php)$">
 	SSLOptions +StdEnvVars
-</Files>
-<Directory "/usr/lib/cgi-bin">
+</FilesMatch>
+<Directory /usr/lib/cgi-bin>
 	SSLOptions +StdEnvVars
 </Directory>
 
+BrowserMatch ".*MSIE.*" \
+	nokeepalive ssl-unclean-shutdown \
+	downgrade-1.0 force-response-1.0
+
 #CustomLog /var/log/apache2/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-- 
cgit v1.2.3