From da253163d5352f5487d68d0ae30a1667482de1cb Mon Sep 17 00:00:00 2001 From: Jamie Nguyen Date: Tue, 17 Jul 2018 14:11:52 +0100 Subject: Switch to copying whole directory of config files --- 2.4/conf/sites-available/default-ssl.conf | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 2.4/conf/sites-available/default-ssl.conf (limited to '2.4/conf/sites-available/default-ssl.conf') diff --git a/2.4/conf/sites-available/default-ssl.conf b/2.4/conf/sites-available/default-ssl.conf new file mode 100644 index 0000000..ef90866 --- /dev/null +++ b/2.4/conf/sites-available/default-ssl.conf @@ -0,0 +1,18 @@ +Listen 443 + + Protocols h2 http/1.1 + ServerName localhost + DocumentRoot "/var/www/html/" + + Require all denied + + CustomLog /proc/self/fd/1 combined + ErrorLog /proc/self/fd/2 + SSLEngine on + SSLCertificateFile /cert.pem + SSLCertificateKeyFile /privkey.pem + SSLProtocol all -SSLv3 + SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS + SSLHonorCipherOrder on + SSLSessionTickets off + -- cgit v1.2.3