diff options
| author | Sven Göthel <[email protected]> | 2024-06-02 20:01:49 +0200 |
|---|---|---|
| committer | Sven Göthel <[email protected]> | 2024-06-02 20:01:49 +0200 |
| commit | f9d2d601adf62cc08ed745695bb79b1ee7ad4e2e (patch) | |
| tree | bc43afe7e7896a57a68b3a50173ce74ff6732cff | |
| parent | 5c57ce6f6a4ccabf8fbf75255f8738c905b1d617 (diff) | |
apache ssl setting update
| -rw-r--r-- | server/setup/05-service-settings/etc/apache2/sites-available/jogamp_org-ssl.conf | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/server/setup/05-service-settings/etc/apache2/sites-available/jogamp_org-ssl.conf b/server/setup/05-service-settings/etc/apache2/sites-available/jogamp_org-ssl.conf index 4eb3f11..58656b2 100644 --- a/server/setup/05-service-settings/etc/apache2/sites-available/jogamp_org-ssl.conf +++ b/server/setup/05-service-settings/etc/apache2/sites-available/jogamp_org-ssl.conf @@ -47,7 +47,8 @@ SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000) # SSL Protocol support: # List the enable protocol levels with which clients will be able to # connect. Disable SSLv2 access by default: - SSLProtocol all -SSLv2 + # SSLProtocol all -SSLv2 + SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 # SSL Cipher Suite: # List the ciphers that the client is permitted to negotiate. @@ -81,8 +82,8 @@ SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000) # SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem # SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key - SSLCertificateFile /etc/ssl/local/jogamp2022a.org.crt.pem - SSLCertificateKeyFile /etc/ssl/local/jogamp2022a.org.key.apache.pem + SSLCertificateFile /etc/ssl/local/jogamp2025a.org.crt.pem + SSLCertificateKeyFile /etc/ssl/local/jogamp2025a.org.key.apache.pem # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the @@ -95,7 +96,9 @@ SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000) #SSLCertificateChainFile /etc/ssl/local/thawte-SSL123_CA_Bundle.pem #SSLCertificateChainFile /etc/ssl/local/thawte-ca-cert3-20151105.pem - SSLCertificateChainFile /etc/ssl/local/thawte-ca-cert4-20171102.pem + #SSLCertificateChainFile /etc/ssl/local/thawte-ca-cert4-20171102.pem + #SSLCertificateChainFile /etc/ssl/local/thawte-ca-cert5-20181102.pem + SSLCertificateChainFile /etc/ssl/local/jogamp2025a.org.ca.pem # Certificate Authority (CA): # Set the CA certificate verification path where to find CA |