1 |
commit: 2eea875e2aacdf5cbc9c70ad404511851681def7 |
2 |
Author: Benedikt Boehm <hollow <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu Oct 8 17:52:05 2009 +0000 |
4 |
Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu Oct 8 17:52:05 2009 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/apache.git;a=commit;h=2eea875e |
7 |
|
8 |
update paths |
9 |
|
10 |
--- |
11 |
2.2/conf/vhosts.d/00_default_ssl_vhost.conf | 32 ++++++++++++++--------------- |
12 |
1 file changed, 15 insertions(+), 17 deletions(-) |
13 |
|
14 |
diff --git a/2.2/conf/vhosts.d/00_default_ssl_vhost.conf b/2.2/conf/vhosts.d/00_default_ssl_vhost.conf |
15 |
index 2df0f0b..98bfc2f 100644 |
16 |
--- a/2.2/conf/vhosts.d/00_default_ssl_vhost.conf |
17 |
+++ b/2.2/conf/vhosts.d/00_default_ssl_vhost.conf |
18 |
@@ -32,25 +32,23 @@ Listen 443 |
19 |
# kill -HUP will prompt again. Keep in mind that if you have both an RSA |
20 |
# and a DSA certificate you can configure both in parallel (to also allow |
21 |
# the use of DSA ciphers, etc.) |
22 |
- SSLCertificateFile /etc/apache2/ssl/server.crt |
23 |
- #SSLCertificateFile /etc/apache2/ssl/server-dsa.crt |
24 |
- |
25 |
+ SSLCertificateFile /etc/ssl/apache2/server.crt |
26 |
+ |
27 |
## Server Private Key: |
28 |
# If the key is not combined with the certificate, use this directive to |
29 |
# point at the key file. Keep in mind that if you've both a RSA and a DSA |
30 |
# private key you can configure both in parallel (to also allow the use of |
31 |
# DSA ciphers, etc.) |
32 |
- SSLCertificateKeyFile /etc/apache2/ssl/server.key |
33 |
- #SSLCertificateKeyFile /etc/apache2/ssl/server-dsa.key |
34 |
- |
35 |
+ SSLCertificateKeyFile /etc/ssl/apache2/server.key |
36 |
+ |
37 |
## Server Certificate Chain: |
38 |
# Point SSLCertificateChainFile at a file containing the concatenation of |
39 |
# PEM encoded CA certificates which form the certificate chain for the |
40 |
# server certificate. Alternatively the referenced file can be the same as |
41 |
# SSLCertificateFile when the CA certificates are directly appended to the |
42 |
# server certificate for convinience. |
43 |
- #SSLCertificateChainFile /etc/apache2/ssl/ca.crt |
44 |
- |
45 |
+ #SSLCertificateChainFile /etc/ssl/apache2/ca.crt |
46 |
+ |
47 |
## Certificate Authority (CA): |
48 |
# Set the CA certificate verification path where to find CA certificates |
49 |
# for client authentication or alternatively one huge file containing all |
50 |
@@ -58,9 +56,9 @@ Listen 443 |
51 |
# Note: Inside SSLCACertificatePath you need hash symlinks to point to the |
52 |
# certificate files. Use the provided Makefile to update the hash symlinks |
53 |
# after changes. |
54 |
- #SSLCACertificatePath /etc/apache2/ssl/ssl.crt |
55 |
- #SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt |
56 |
- |
57 |
+ #SSLCACertificatePath /etc/ssl/apache2/ssl.crt |
58 |
+ #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt |
59 |
+ |
60 |
## Certificate Revocation Lists (CRL): |
61 |
# Set the CA revocation path where to find CA CRLs for client authentication |
62 |
# or alternatively one huge file containing all of them (file must be PEM |
63 |
@@ -68,9 +66,9 @@ Listen 443 |
64 |
# Note: Inside SSLCARevocationPath you need hash symlinks to point to the |
65 |
# certificate files. Use the provided Makefile to update the hash symlinks |
66 |
# after changes. |
67 |
- #SSLCARevocationPath /etc/apache2/ssl/ssl.crl |
68 |
- #SSLCARevocationFile /etc/apache2/ssl/ca-bundle.crl |
69 |
- |
70 |
+ #SSLCARevocationPath /etc/ssl/apache2/ssl.crl |
71 |
+ #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl |
72 |
+ |
73 |
## Client Authentication (Type): |
74 |
# Client certificate verification type and depth. Types are none, optional, |
75 |
# require and optional_no_ca. Depth is a number which specifies how deeply |
76 |
@@ -78,7 +76,7 @@ Listen 443 |
77 |
# not valid. |
78 |
#SSLVerifyClient require |
79 |
#SSLVerifyDepth 10 |
80 |
- |
81 |
+ |
82 |
## Access Control: |
83 |
# With SSLRequire you can do per-directory access control based on arbitrary |
84 |
# complex boolean expressions containing server variable checks and other |
85 |
@@ -102,14 +100,14 @@ Listen 443 |
86 |
# name is the `one line' version of the client's X.509 certificate. |
87 |
# Note that no password is obtained from the user. Every entry in the user |
88 |
# file needs this password: `xxj31ZMTZzkVA'. |
89 |
- |
90 |
+ |
91 |
## ExportCertData: |
92 |
# This exports two additional environment variables: SSL_CLIENT_CERT and |
93 |
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server |
94 |
# (always existing) and the client (only existing when client |
95 |
# authentication is used). This can be used to import the certificates into |
96 |
# CGI scripts. |
97 |
- |
98 |
+ |
99 |
## StdEnvVars: |
100 |
# This exports the standard SSL/TLS related `SSL_*' environment variables. |
101 |
# Per default this exportation is switched off for performance reasons, |