webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-11 03:25:54 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
40407aee99546b4f25632bcaeb796d2a53cb1bcb
bpfire/config/httpd/ssl-global.conf
Wolfgang Apolinarski d41fe99f74 Update to apache 2.4.27 
- Updated to apache 2.4
- Updated the htpasswd generation to use the more secure bcrypt algorithm

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2017-09-04 12:40:20 +01:00

56 lines
2.2 KiB
Plaintext
Raw Blame History

##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
# These are the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
<IfModule mod_ssl.c>
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
# shm means the same as shmht.
# Note that on most platforms shared memory segments are not allowed to be on
# network-mounted drives, so in that case you need to use the dbm method.
#SSLSessionCache none
#SSLSessionCache dbm:/var/log/httpd/ssl_scache
#SSLSessionCache shmht:/var/log/httpd/ssl_scache(512000)
SSLSessionCache shmcb:/var/log/httpd/ssl_scache(512000)
SSLSessionCacheTimeout 900
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Reference in New Issue View Git Blame Copy Permalink