dougm 02/04/02 14:09:16
Modified: perl-framework/t/conf/ssl proxyssl.conf.in
Log:
test all of the SSLProxy* directives
Revision Changes Path
1.8 +12 -2 httpd-test/perl-framework/t/conf/ssl/proxyssl.conf.in
Index: proxyssl.conf.in
===================================================================
RCS file: /home/cvs/httpd-test/perl-framework/t/conf/ssl/proxyssl.conf.in,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- proxyssl.conf.in 1 Apr 2002 19:40:13 -0000 1.7
+++ proxyssl.conf.in 2 Apr 2002 22:09:16 -0000 1.8
@@ -5,10 +5,18 @@
#these are not on by default in the 1.x based mod_ssl
<IfDefine APACHE2>
SSLProxyEngine On
+
+ SSLProxyProtocol +SSLv2 +SSLv3 +TLSv1
+ SSLProxyCipherSuite
ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+
SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem
+ #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy
+
SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt
- SSLProxyVerify on
+ SSLProxyCACertificatePath @ServerRoot@/conf/ssl
SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
+ SSLProxyVerify on
+ SSLProxyVerifyDepth 10
</IfDefine>
@@ -24,7 +32,9 @@
#these are not on by default in the 1.x based mod_ssl
<IfDefine APACHE2>
SSLProxyEngine On
- SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem
+ #SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem
+ #client_ok.pem should be loaded first
+ SSLProxyMachineCertificatePath @SSLCA@/asf/proxy
SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt
SSLProxyVerify on
SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
