X-Git-Url: https://dehnerts.com/gitweb/?a=blobdiff_plain;f=sites-available%2Fdefault-ssl;h=37ddad3d11f142a3b23f7765485d7d3f5f843f05;hb=86d0cf141d2382f121f34cd0f87f8f4b1c73cb72;hp=00b33ffaff8b51ed718c28e75fcb7405bff27b25;hpb=e9aa709ac2bf8d90480a787e67b14668f85059a5;p=sysconfig%2Fapache2.git

diff --git a/sites-available/default-ssl b/sites-available/default-ssl
index 00b33ff..37ddad3 100644
--- a/sites-available/default-ssl
+++ b/sites-available/default-ssl
@@ -1,46 +1,6 @@
 <IfModule mod_ssl.c>
 <VirtualHost *:443>
-	ServerAdmin webmaster@dehnerts.com
-	ServerName olinda.mit.edu
-	ServerAlias svn.dehnerts.com svn.dehnert.arctic.org
-	ServerAlias www.dehnerts.com www.dehnert.arctic.org
-
-	DocumentRoot /var/www
-	<Directory />
-		Options FollowSymLinks
-		AllowOverride None
-	</Directory>
-	<Directory /var/www/>
-		Options Indexes FollowSymLinks MultiViews
-		AllowOverride None
-		Order allow,deny
-		allow from all
-	</Directory>
-
-	ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
-	<Directory "/usr/lib/cgi-bin">
-		AllowOverride None
-		Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
-		Order allow,deny
-		Allow from all
-	</Directory>
-
-	ErrorLog /var/log/apache2/error.log
-
-	# Possible values include: debug, info, notice, warn, error, crit,
-	# alert, emerg.
-	LogLevel warn
-
-	CustomLog /var/log/apache2/ssl_access.log combined
-
-	Alias /doc/ "/usr/share/doc/"
-	<Directory "/usr/share/doc/">
-		Options Indexes MultiViews FollowSymLinks
-		AllowOverride None
-		Order deny,allow
-		Deny from all
-		Allow from 127.0.0.0/255.0.0.0 ::1/128
-	</Directory>
+	Include sites-common/default
 
 	#   SSL Engine Switch:
 	#   Enable/Disable SSL for this virtual host.
@@ -51,7 +11,9 @@
 	#   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
 	#   If both key and certificate are stored in the same file, only the
 	#   SSLCertificateFile directive is needed.
-	SSLCertificateFile    /etc/ssl/certs/general-web.crt
+	SSLCertificateFile /etc/ssl/certs/dehnerts-web.startssl.chain.crt
+	SSLCertificateChainFile /etc/ssl/certs/dehnerts-web.startssl.chain.crt
+	#SSLCertificateFile    /etc/ssl/certs/general-web.crt
 	SSLCertificateKeyFile /etc/ssl/private/general-web.key
 
 	#   Server Certificate Chain:
@@ -165,9 +127,11 @@
 	#   Similarly, one has to force some clients to use HTTP/1.0 to workaround
 	#   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
 	#   "force-response-1.0" for this.
-	BrowserMatch ".*MSIE.*" \
+	BrowserMatch "MSIE [2-6]" \
 		nokeepalive ssl-unclean-shutdown \
 		downgrade-1.0 force-response-1.0
+	# MSIE 7 and newer should be able to use keepalive
+	BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
 
 </VirtualHost>
 </IfModule>