From cc2208e2de7a929da05ce2082819101493367434 Mon Sep 17 00:00:00 2001 From: Alex Dehnert Date: Fri, 26 Feb 2010 09:55:04 +0000 Subject: [PATCH] Enable SSL, particularly for alex.mit.edu --- mods-enabled/ssl.conf | 1 + mods-enabled/ssl.load | 1 + sites-available/alex | 35 ++++++++++++----------------------- sites-available/default-ssl | 7 ++++--- sites-common/alex | 21 +++++++++++++++++++++ sites-common/ssl-common | 11 +++++++++++ 6 files changed, 50 insertions(+), 26 deletions(-) create mode 120000 mods-enabled/ssl.conf create mode 120000 mods-enabled/ssl.load create mode 100644 sites-common/alex create mode 100644 sites-common/ssl-common diff --git a/mods-enabled/ssl.conf b/mods-enabled/ssl.conf new file mode 120000 index 0000000..b0f14d1 --- /dev/null +++ b/mods-enabled/ssl.conf @@ -0,0 +1 @@ +../mods-available/ssl.conf \ No newline at end of file diff --git a/mods-enabled/ssl.load b/mods-enabled/ssl.load new file mode 120000 index 0000000..9d79723 --- /dev/null +++ b/mods-enabled/ssl.load @@ -0,0 +1 @@ +../mods-available/ssl.load \ No newline at end of file diff --git a/sites-available/alex b/sites-available/alex index 48f52cc..5852018 100644 --- a/sites-available/alex +++ b/sites-available/alex @@ -1,26 +1,15 @@ - ServerAdmin adehnert-webmaster@mit.edu - ServerName adehnert.mit.edu - ServerAlias alex.mit.edu - - DocumentRoot /home/alex/public_html/ - - Options FollowSymLinks - AllowOverride None - - - Options Indexes FollowSymLinks MultiViews - AllowOverride FileInfo AuthConfig Limit Indexes Options - Order allow,deny - allow from all - - - ErrorLog /var/log/apache2/error.log - - # Possible values include: debug, info, notice, warn, error, crit, - # alert, emerg. - LogLevel warn - - CustomLog /var/log/apache2/access.log combined + ServerName alex.mit.edu + ServerAlias adehnert.mit.edu + Include sites-common/alex + + + + ServerName alex.mit.edu + Include sites-common/alex + Include sites-common/ssl-common + SSLCertificateFile /etc/ssl/certs/alex.mit.edu.pem + SSLCertificateKeyFile /etc/ssl/private/alex.mit.edu.key + diff --git a/sites-available/default-ssl b/sites-available/default-ssl index fa0b0ab..fca8fcf 100644 --- a/sites-available/default-ssl +++ b/sites-available/default-ssl @@ -1,6 +1,7 @@ - + ServerAdmin webmaster@localhost + ServerName masada.mit.edu DocumentRoot /var/www @@ -48,8 +49,8 @@ # /usr/share/doc/apache2.2-common/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. - SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem - SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + SSLCertificateFile /etc/ssl/certs/masada.mit.edu.web.pem + SSLCertificateKeyFile /etc/ssl/private/masada.mit.edu.web.key # Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the diff --git a/sites-common/alex b/sites-common/alex new file mode 100644 index 0000000..a090a0e --- /dev/null +++ b/sites-common/alex @@ -0,0 +1,21 @@ +ServerAdmin adehnert-webmaster@mit.edu + +DocumentRoot /home/alex/public_html/ + + Options FollowSymLinks + AllowOverride None + + + Options Indexes FollowSymLinks MultiViews + AllowOverride FileInfo AuthConfig Limit Indexes Options + Order allow,deny + allow from all + + +ErrorLog /var/log/apache2/error.log + +# Possible values include: debug, info, notice, warn, error, crit, +# alert, emerg. +LogLevel warn + +CustomLog /var/log/apache2/access.log combined diff --git a/sites-common/ssl-common b/sites-common/ssl-common new file mode 100644 index 0000000..a523a39 --- /dev/null +++ b/sites-common/ssl-common @@ -0,0 +1,11 @@ +SSLEngine on + + SSLOptions +StdEnvVars + + + SSLOptions +StdEnvVars + + +BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 -- 2.34.1