...
No Format |
---|
www.earth.com_server.signed_cert.pem.crt |
Warning |
---|
Provide a sub-page to explain the CA signing process as an example. |
...
Code Block | ||||
---|---|---|---|---|
| ||||
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName www.earch.com
ServerAlias earch.com
DocumentRoot /home/www.earth.com/www
<Directory />
# This prevents use of .htaccess
AllowOverride None
</Directory>
ErrorLog /var/log/apache2/ssl_www.earth.com.error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/ssl_www.earth.com.access.log combined
# ---------------------
# Start Enable SSL
# -----------------
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# Load the keys
SSLCertificateFile /etc/ssl/certs/www.earth.com_server.signed_cert.pem.crt
SSLCertificateKeyFile /etc/ssl/private/www.earth.com_server.pem.key
# Load the Certificate chain
SSLCertificateChainFile /etc/ssl/certs/StartSSL_Sub_Class1_CA.pem
# Loads all Certificate Authorities in the provided path
# SSLCACertificatePath /etc/ssl/certs/
# Alternatively, load the specific Certificate Authority
# SSLCACertificateFile /etc/ssl/certs/StartCom_Certification_Authority.pem
# SSL Engine Options
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
# "MSIE [17-9]" matches MSIE 7 to 9 and 10 to 19 (and 1, but that should not be a problem)
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
# -----------------
# End Enable SSL
# ---------------------
</VirtualHost>
</IfModule>
|
...