authorjorton <jorton@fedoraproject.org>2005-11-03 16:27:11 +0000
committerjorton <jorton@fedoraproject.org>2005-11-03 16:27:11 +0000
commit9d36ace72fac74fe4ec03cfa1de3f9a0078406a5 (patch)
treedfe2fc58887725195f7ff81615c7cf300b4e3ec7 /ssl.conf
parent2a6347c8db5c141ce1a4330f8ace3bab82c9b318 (diff)
- log notice giving SELinux context at startup if enabledhttpd-2_0_54-15
- drop SSLv2 and restrict default cipher suite in default SSL configuration
Diffstat (limited to 'ssl.conf')
-rw-r--r--ssl.conf19
1 files changed, 12 insertions, 7 deletions
diff --git a/ssl.conf b/ssl.conf
index f489c66..738ae3b 100644
--- a/ssl.conf
+++ b/ssl.conf
@@ -99,16 +99,21 @@ LogLevel warn
# Enable/Disable SSL for this virtual host.
SSLEngine on
+# SSL Protocol support:
+# List the enable protocol levels with which clients will be able to
+# connect. Disable SSLv2 access by default:
+SSLProtocol all -SSLv2
+
# SSL Cipher Suite:
-# List the ciphers that the client is permitted to negotiate.
-# See the mod_ssl documentation for a complete list.
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
+# List the ciphers that the client is permitted to negotiate.
+# See the mod_ssl documentation for a complete list.
+SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
# Server Certificate:
-# Point SSLCertificateFile at a PEM encoded certificate. If
-# the certificate is encrypted, then you will be prompted for a
-# pass phrase. Note that a kill -HUP will prompt again. A new
-# certificate can be generated using the genkey(1) command.
+# Point SSLCertificateFile at a PEM encoded certificate. If
+# the certificate is encrypted, then you will be prompted for a
+# pass phrase. Note that a kill -HUP will prompt again. A new
+# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
# Server Private Key:
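Review bot: The new `SSLCipherSuite` value still leaves the LOW strength group enabled. In OpenSSL cipher-string syntax `+LOW` only moves those ciphers to the end of the preference list and does not remove them, so a client that offers nothing stronger can still negotiate one. If the intent of "restrict default cipher suite" is to serve only medium and high strength ciphers, the line could read `SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!LOW:RC4+RSA:+HIGH:+MEDIUM`. The added comment above `SSLProtocol` has a typo ("enable protocol levels" should be "enabled protocol levels"). The cipher comment would be more useful to an administrator if it named the excluded classes (anonymous DH, export-grade, SSLv2-only), for example `# Anonymous DH, export-grade and SSLv2 ciphers are disabled by default.`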