hi,
for a given HTTPS listener in pound, iiuc, i can define a single
Cipher string that'll be used for all dirs under the listener's
DOCROOT.
how can i define different ciphers for use in different dirs? e.g.,
the goal is the equivalent of,
...
ListenHTTPS
Address xx.xx.xx.xx
Port 443
Cert "/home/sec/ssl.crt/combined.pem"
Service
URL ".*/sec/.*"
Ciphers "AES256-SHA"
BackEnd
Address 127.0.0.1
Port 8080
End
End
Service
URL ".*"
Ciphers "SSLv2:-LOW:-EXPORT:RC4+RSA"
BackEnd
Address 127.0.0.1
Port 8080
End
End
End
...
unfortunately, the above fails with
line 39: unknown directive " Ciphers "AES256-SHA"" - aborted
per-directory cipher config is certainly doable via mod_ssl in apache.
it's not clear to me if, by moving SSL negotiation "up front" to
pound, i've lost that capability, or simply have it config'd wrong.
any hints or suggestions as to how to achieve this?
thanks!
--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.
