Permalink
Browse files

Better SSL configuration to have a "A" at https://www.ssllabs.com/ssl…

  • Loading branch information...
llaumgui committed Sep 16, 2016
1 parent 34b181d commit 3cb4714036075975ba9f7c4da49ab5d16ec3311e
Showing with 5 additions and 1 deletion.
  1. +4 −0 httpd/2.4/Dockerfile
  2. +1 −1 httpd/2.4/conf.d/ssl-intermediate.conf
View
@@ -28,6 +28,10 @@ RUN rm -f /etc/httpd/conf.d/welcome.conf
RUN sed -i 's/LoadModule mpm_prefork_module/#LoadModule mpm_prefork_module/g' /etc/httpd/conf.modules.d/00-mpm.conf && \
sed -i 's/#LoadModule mpm_event_module/LoadModule mpm_event_module/g' /etc/httpd/conf.modules.d/00-mpm.conf
+# Secure HTTPS.
+RUN sed -i 's/SSLProtocol/#SSLProtocol/g' /etc/httpd/conf.d/ssl.conf && \
+ sed -i 's/SSLCipherSuite/#SSLCipherSuite/g' /etc/httpd/conf.d/ssl.conf
+
# Simple startup script to avoid some issues observed with container restart.
ADD files/run-httpd.sh /run-httpd.sh
RUN chmod -v +x /run-httpd.sh
@@ -1,5 +1,5 @@
# Configuration provided by Mozilla SSL Configuration Generator
-# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=apache-2.4.18&openssl=1.0.1e&hsts=yes&profile=modern
+# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=apache-2.4.18&openssl=1.0.1e&hsts=yes&profile=intermediate
# Intermediate configuration, tweak to your needs
SSLProtocol all -SSLv2 -SSLv3 -TLSv1

0 comments on commit 3cb4714

Please sign in to comment.