From deef08a02706efc731555d4d4d1c43ca126d6d3e Mon Sep 17 00:00:00 2001 From: Kaarle Ritvanen Date: Fri, 11 Sep 2015 13:03:38 +0300 Subject: [PATCH 09/14] httpd-ssl.conf SSL*File --- docs/conf/extra/httpd-ssl.conf.in | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in index da506c8..4462fa6 100644 --- a/docs/conf/extra/httpd-ssl.conf.in +++ b/docs/conf/extra/httpd-ssl.conf.in @@ -142,9 +142,9 @@ SSLEngine on # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) # require an ECC certificate which can also be configured in # parallel. -SSLCertificateFile "@exp_sysconfdir@/server.crt" -#SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt" -#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt" +SSLCertificateFile /etc/ssl/apache2/server.pem +#SSLCertificateFile /etc/ssl/apache2/server-dsa.pem +#SSLCertificateFile /etc/ssl/apache2/server-ecc.pem # Server Private Key: # If the key is not combined with the certificate, use this @@ -152,9 +152,9 @@ SSLCertificateFile "@exp_sysconfdir@/server.crt" # you've both a RSA and a DSA private key you can configure # both in parallel (to also allow the use of DSA ciphers, etc.) # ECC keys, when in use, can also be configured in parallel -SSLCertificateKeyFile "@exp_sysconfdir@/server.key" -#SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key" -#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key" +SSLCertificateKeyFile /etc/ssl/apache2/server.key +#SSLCertificateKeyFile /etc/ssl/apache2/server-dsa.key +#SSLCertificateKeyFile /etc/ssl/apache2/server-ecc.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the @@ -163,7 +163,7 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key" # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convenience. -#SSLCertificateChainFile "@exp_sysconfdir@/server-ca.crt" +#SSLCertificateChainFile /etc/ssl/apache2/server-ca.pem # Certificate Authority (CA): # Set the CA certificate verification path where to find CA @@ -172,8 +172,8 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key" # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. -#SSLCACertificatePath "@exp_sysconfdir@/ssl.crt" -#SSLCACertificateFile "@exp_sysconfdir@/ssl.crt/ca-bundle.crt" +#SSLCACertificatePath /etc/ssl/apache2/ssl.crt +#SSLCACertificateFile /etc/ssl/apache2/ssl.crt/ca-bundle.pem # Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client @@ -184,8 +184,8 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key" # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. -#SSLCARevocationPath "@exp_sysconfdir@/ssl.crl" -#SSLCARevocationFile "@exp_sysconfdir@/ssl.crl/ca-bundle.crl" +#SSLCARevocationPath /etc/ssl/apache2/ssl.crl +#SSLCARevocationFile /etc/ssl/apache2/ssl.crl/ca-bundle.crl #SSLCARevocationCheck chain # Client Authentication (Type): -- 2.5.0