Now that mod_md has landed in trunk, I am looking at more ways to simplify an SSL configuration. Looking at the Listen directive, it has an optional 2nd protocol parameter.

Would it be unreasonable to assume that a Listen NNN https means that "SSLEngine on" should be the default in all

  <VirtualHost *:NNN>
    ServerName xxx.yyy
    ...
  </VirtualHost>

sections? Would we expect breakage by such a change?

What about name-based virtual hosts that apply to _all_ addresses and ports? E.g. something like:

  <VirtualHost>
    ServerName xxx.yyy
    ...
    <If "%{HTTPS} != 'on'">
      Redirect permanent "/" "https://xxx.yyy/"
    </If>
    ...
  </VirtualHost>

Do you find that ugly/feasible/desirable?

-Stefan