1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
From 50a5336a5c7f9ceb7d8e74175c7d5a6884283416 Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Fri, 11 Sep 2015 13:03:38 +0300
Subject: [PATCH 09/14] httpd-ssl.conf SSL*File
---
docs/conf/extra/httpd-ssl.conf.in | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in
index da506c8..4462fa6 100644
--- a/docs/conf/extra/httpd-ssl.conf.in
+++ b/docs/conf/extra/httpd-ssl.conf.in
@@ -142,9 +142,9 @@ SSLEngine on
# Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
# require an ECC certificate which can also be configured in
# parallel.
-SSLCertificateFile "@exp_sysconfdir@/server.crt"
-#SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt"
-#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt"
+SSLCertificateFile /etc/ssl/apache2/server.pem
+#SSLCertificateFile /etc/ssl/apache2/server-dsa.pem
+#SSLCertificateFile /etc/ssl/apache2/server-ecc.pem
# Server Private Key:
# If the key is not combined with the certificate, use this
@@ -152,9 +152,9 @@ SSLCertificateFile "@exp_sysconfdir@/server.crt"
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
# ECC keys, when in use, can also be configured in parallel
-SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
-#SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key"
-#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key"
+SSLCertificateKeyFile /etc/ssl/apache2/server.key
+#SSLCertificateKeyFile /etc/ssl/apache2/server-dsa.key
+#SSLCertificateKeyFile /etc/ssl/apache2/server-ecc.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
@@ -163,7 +163,7 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convenience.
-#SSLCertificateChainFile "@exp_sysconfdir@/server-ca.crt"
+#SSLCertificateChainFile /etc/ssl/apache2/server-ca.pem
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
@@ -172,8 +172,8 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
# Note: Inside SSLCACertificatePath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
-#SSLCACertificatePath "@exp_sysconfdir@/ssl.crt"
-#SSLCACertificateFile "@exp_sysconfdir@/ssl.crt/ca-bundle.crt"
+#SSLCACertificatePath /etc/ssl/apache2/ssl.crt
+#SSLCACertificateFile /etc/ssl/apache2/ssl.crt/ca-bundle.pem
# Certificate Revocation Lists (CRL):
# Set the CA revocation path where to find CA CRLs for client
@@ -184,8 +184,8 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
# Note: Inside SSLCARevocationPath you need hash symlinks
# to point to the certificate files. Use the provided
# Makefile to update the hash symlinks after changes.
-#SSLCARevocationPath "@exp_sysconfdir@/ssl.crl"
-#SSLCARevocationFile "@exp_sysconfdir@/ssl.crl/ca-bundle.crl"
+#SSLCARevocationPath /etc/ssl/apache2/ssl.crl
+#SSLCARevocationFile /etc/ssl/apache2/ssl.crl/ca-bundle.crl
#SSLCARevocationCheck chain
# Client Authentication (Type):
--
2.5.0
|
