-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
ssl.conf.erb
41 lines (39 loc) · 1.59 KB
/
ssl.conf.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<IfModule mod_ssl.c>
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom <%= @ssl_random_seed_bytes %>
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom <%= @ssl_random_seed_bytes %>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog <%= @ssl_pass_phrase_dialog %>
SSLSessionCache "shmcb:<%= @ssl_sessioncache %>"
SSLSessionCacheTimeout <%= @ssl_sessioncachetimeout %>
<%- if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%>
Mutex <%= @_ssl_mutex %>
<%- if @ssl_compression -%>
SSLCompression <%= scope.function_bool2httpd([@ssl_compression]) %>
<%- end -%>
<%- else -%>
SSLMutex <%= @_ssl_mutex %>
<%- end -%>
SSLCryptoDevice <%= @ssl_cryptodevice %>
SSLHonorCipherOrder <%= scope.function_bool2httpd([@_ssl_honorcipherorder]) %>
<% if scope.function_versioncmp([@_apache_version, '2.4']) >= 0 -%>
SSLUseStapling <%= scope.function_bool2httpd([@ssl_stapling]) %>
<%- if not @ssl_stapling_return_errors.nil? -%>
SSLStaplingReturnResponderErrors <%= scope.function_bool2httpd([@ssl_stapling_return_errors]) %>
<%- end -%>
SSLStaplingCache "shmcb:<%= @stapling_cache %>"
<% end -%>
SSLCipherSuite <%= @ssl_cipher %>
SSLProtocol <%= @ssl_protocol.compact.join(' ') %>
<% if not @ssl_proxy_protocol.empty? -%>
SSLProxyProtocol <%= @ssl_proxy_protocol.compact.join(' ') %>
<% end -%>
<% if @ssl_options -%>
SSLOptions <%= @ssl_options.compact.join(' ') %>
<% end -%>
<%- if @ssl_openssl_conf_cmd -%>
SSLOpenSSLConfCmd <%= @ssl_openssl_conf_cmd %>
<%- end -%>
</IfModule>