Now that mod_md has landed in trunk, I am looking at more ways 
to simplify a SSL configuration. Looking at the Listen directive,
it has an optional 2nd protocol parameter.

Would it be unreasonable to assume that a
    Listen NNN https

means that "SSLEngine on" should be the default in all
    <VirtualHost *:NNN>
       ServerName xxx.yyy

sections? Would we expect breakage by such a change?

What about name-based virtual hosts that apply to _all_ 
addresses and ports? E.g. something like:
       ServerName xxx.yyy
       <If "%{HTTPS} != 'on'">
          Redirect permanent "/" "https://xxx.yyy/";

Do you find that ugly/feasible/desirable?


Reply via email to