diff options
Diffstat (limited to 'default-ssl.conf')
-rw-r--r-- | default-ssl.conf | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/default-ssl.conf b/default-ssl.conf new file mode 100644 index 0000000..ef90866 --- /dev/null +++ b/default-ssl.conf @@ -0,0 +1,18 @@ +Listen 443 +<VirtualHost *:443> + Protocols h2 http/1.1 + ServerName localhost + DocumentRoot "/var/www/html/" + <Directory "/var/www/html/"> + Require all denied + </Directory> + CustomLog /proc/self/fd/1 combined + ErrorLog /proc/self/fd/2 + SSLEngine on + SSLCertificateFile /cert.pem + SSLCertificateKeyFile /privkey.pem + SSLProtocol all -SSLv3 + SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS + SSLHonorCipherOrder on + SSLSessionTickets off +</VirtualHost> |