particle-os/debian-koji-osbuild
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-koji-osbuild/container/hub/ssl.conf
Christian Kellner 63355fe0a4 hub: switch to kerberos auth 
Switch to kerberos aut and also ship ssl.conf, adapted to serve
at localhost and the fqdn, instead of creating it via sed.
2020-09-05 16:29:46 +02:00

80 lines
1.9 KiB
Text
Raw Blame History

Listen 443 https
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
## SSL Virtual Host Context
# localhost
<VirtualHost _default_:443>
ServerName localhost
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel debug
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
SSLCertificateFile /share/crt.pem
SSLCertificateKeyFile /share/key.pem
SSLCertificateChainFile /share/ca-crt.pem
SSLCACertificateFile /share/ca-crt.pem
SSLVerifyDepth 1
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
# Full Qualified Domain Name, org.osbuild.koji.koji
<VirtualHost _default_:443>
ServerName org.osbuild.koji.koji
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel debug
SSLEngine on
SSLHonorCipherOrder on
SSLCipherSuite PROFILE=SYSTEM
SSLProxyCipherSuite PROFILE=SYSTEM
SSLCertificateFile /share/crt-fqdn.pem
SSLCertificateKeyFile /share/key.pem
SSLCertificateChainFile /share/ca-crt.pem
SSLCACertificateFile /share/ca-crt.pem
SSLVerifyDepth 1
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Reference in a new issue View git blame Copy permalink