Skip to content

Instantly share code, notes, and snippets.

@yugaego

yugaego/gist:2e08ad56f9ed128d1e18

Last active August 29, 2015 14:13
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yugaego/2e08ad56f9ed128d1e18 to your computer and use it in GitHub Desktop.
Save yugaego/2e08ad56f9ed128d1e18 to your computer and use it in GitHub Desktop.
Download ZIP
SSL virtual hosts example Config
Raw
gistfile1.sh
LoadModule ssl_module modules/mod_ssl.so
Listen 443
SSLPassPhraseDialog exec:/usr/bin/ssl_passphrase.sh
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
NameVirtualHost *:443
SSLStrictSNIVHostCheck off
<VirtualHost *:443>
ServerName domain1.com
ServerAlias *.domain1.com
DocumentRoot "/home/web/public_html/domain1.com/public/"
ErrorLog /home/web/public_html/domain1.com/log/error.log
CustomLog /home/web/public_html/domain1.com/log/access.log combined
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/httpd/ssl/domain1/*.domain1.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/domain1/*.domain1.com.key
SSLCertificateChainFile /etc/httpd/ssl/domain1/*.domain1.com.intermediate.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:443>
ServerName sub.domain2.com
ServerAlias www.sub.domain2.com
DocumentRoot "/home/web/public_html/domain1.com/public/"
ErrorLog /home/web/public_html/domain1.com/log/error.log
CustomLog /home/web/public_html/domain1.com/log/access.log combined
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCertificateFile /etc/httpd/ssl/domain2/domain2.crt
SSLCertificateKeyFile /etc/httpd/ssl/domain2/domain2.com.key
SSLCertificateChainFile /etc/httpd/ssl/domain2/domain2.ca-bundle
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment