summaryrefslogtreecommitdiffstats
path: root/ext/passenger/apache2.conf
diff options
context:
space:
mode:
Diffstat (limited to 'ext/passenger/apache2.conf')
-rw-r--r--ext/passenger/apache2.conf29
1 files changed, 29 insertions, 0 deletions
diff --git a/ext/passenger/apache2.conf b/ext/passenger/apache2.conf
new file mode 100644
index 000000000..6a8a974d7
--- /dev/null
+++ b/ext/passenger/apache2.conf
@@ -0,0 +1,29 @@
+Listen 8140
+<VirtualHost *:8140>
+ SSLEngine on
+ SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
+ SSLCertificateFile /var/lib/puppet/ssl/certs/puppet-server.inqnet.at.pem
+ SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet-server.inqnet.at.pem
+ SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
+ SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
+ # If Apache complains about invalid signatures on the CRL, you can try disabling
+ # CRL checking by commenting the next line.
+ SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
+ SSLVerifyClient optional
+ SSLVerifyDepth 1
+ SSLOptions +StdEnvVars
+
+ # The following client headers allow the same configuration to work with Pound.
+ RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
+ RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
+ RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
+
+ RackAutoDetect On
+ DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
+ <Directory /usr/share/puppet/rack/puppetmasterd/>
+ Options None
+ AllowOverride None
+ Order allow,deny
+ allow from all
+ </Directory>
+</VirtualHost>
generated by cgit (git 2.34.1) at 2026-01-06 11:06:09 +0000