summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenedikt Boehm <hollow@gentoo.org>2009-10-08 17:52:05 +0000
committerBenedikt Boehm <hollow@gentoo.org>2009-10-08 17:52:05 +0000
commit2eea875e2aacdf5cbc9c70ad404511851681def7 (patch)
tree853e7b6f03241bab9469d3c3eb96e088f4d12874 /2.2/conf/vhosts.d/00_default_ssl_vhost.conf
parentcleanup IfModule directives (diff)
downloadapache-2eea875e2aacdf5cbc9c70ad404511851681def7.tar.gz
apache-2eea875e2aacdf5cbc9c70ad404511851681def7.tar.bz2
apache-2eea875e2aacdf5cbc9c70ad404511851681def7.zip
update paths
Diffstat (limited to '2.2/conf/vhosts.d/00_default_ssl_vhost.conf')
-rw-r--r--2.2/conf/vhosts.d/00_default_ssl_vhost.conf32
1 files changed, 15 insertions, 17 deletions
diff --git a/2.2/conf/vhosts.d/00_default_ssl_vhost.conf b/2.2/conf/vhosts.d/00_default_ssl_vhost.conf
index 2df0f0b..98bfc2f 100644
--- a/2.2/conf/vhosts.d/00_default_ssl_vhost.conf
+++ b/2.2/conf/vhosts.d/00_default_ssl_vhost.conf
@@ -32,25 +32,23 @@ Listen 443
# kill -HUP will prompt again. Keep in mind that if you have both an RSA
# and a DSA certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
- SSLCertificateFile /etc/apache2/ssl/server.crt
- #SSLCertificateFile /etc/apache2/ssl/server-dsa.crt
-
+ SSLCertificateFile /etc/ssl/apache2/server.crt
+
## Server Private Key:
# If the key is not combined with the certificate, use this directive to
# point at the key file. Keep in mind that if you've both a RSA and a DSA
# private key you can configure both in parallel (to also allow the use of
# DSA ciphers, etc.)
- SSLCertificateKeyFile /etc/apache2/ssl/server.key
- #SSLCertificateKeyFile /etc/apache2/ssl/server-dsa.key
-
+ SSLCertificateKeyFile /etc/ssl/apache2/server.key
+
## Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the concatenation of
# PEM encoded CA certificates which form the certificate chain for the
# server certificate. Alternatively the referenced file can be the same as
# SSLCertificateFile when the CA certificates are directly appended to the
# server certificate for convinience.
- #SSLCertificateChainFile /etc/apache2/ssl/ca.crt
-
+ #SSLCertificateChainFile /etc/ssl/apache2/ca.crt
+
## Certificate Authority (CA):
# Set the CA certificate verification path where to find CA certificates
# for client authentication or alternatively one huge file containing all
@@ -58,9 +56,9 @@ Listen 443
# Note: Inside SSLCACertificatePath you need hash symlinks to point to the
# certificate files. Use the provided Makefile to update the hash symlinks
# after changes.
- #SSLCACertificatePath /etc/apache2/ssl/ssl.crt
- #SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt
-
+ #SSLCACertificatePath /etc/ssl/apache2/ssl.crt
+ #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt
+
## Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client authentication
# or alternatively one huge file containing all of them (file must be PEM
@@ -68,9 +66,9 @@ Listen 443
# Note: Inside SSLCARevocationPath you need hash symlinks to point to the
# certificate files. Use the provided Makefile to update the hash symlinks
# after changes.
- #SSLCARevocationPath /etc/apache2/ssl/ssl.crl
- #SSLCARevocationFile /etc/apache2/ssl/ca-bundle.crl
-
+ #SSLCARevocationPath /etc/ssl/apache2/ssl.crl
+ #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl
+
## Client Authentication (Type):
# Client certificate verification type and depth. Types are none, optional,
# require and optional_no_ca. Depth is a number which specifies how deeply
@@ -78,7 +76,7 @@ Listen 443
# not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
-
+
## Access Control:
# With SSLRequire you can do per-directory access control based on arbitrary
# complex boolean expressions containing server variable checks and other
@@ -102,14 +100,14 @@ Listen 443
# name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
-
+
## ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server
# (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates into
# CGI scripts.
-
+
## StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,