Contents of /trunk/apache2/patches/apache2-2.4.3-default-ssl-settings.patch
Parent Directory | Revision Log
Revision 1928 -
(show annotations)
(download)
Wed Oct 31 11:33:28 2012 UTC (11 years, 10 months ago) by niro
File size: 2884 byte(s)
Wed Oct 31 11:33:28 2012 UTC (11 years, 10 months ago) by niro
File size: 2884 byte(s)
-rediffed patches and added mod_systemd patch
1 | --- httpd-2.4.3/docs/conf/extra/httpd-ssl.conf.in 2012-08-14 23:59:24.000000000 +0000 |
2 | +++ httpd-2.4.3-magellan/docs/conf/extra/httpd-ssl.conf.in 2012-10-31 12:39:33.905713598 +0000 |
3 | @@ -103,9 +103,9 @@ |
4 | # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) |
5 | # require an ECC certificate which can also be configured in |
6 | # parallel. |
7 | -SSLCertificateFile "@exp_sysconfdir@/server.crt" |
8 | -#SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt" |
9 | -#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt" |
10 | +SSLCertificateFile "@exp_sysconfdir@/ssl/server.crt" |
11 | +#SSLCertificateFile "@exp_sysconfdir@/ssl/server-dsa.crt" |
12 | +#SSLCertificateFile "@exp_sysconfdir@/ssl/server-ecc.crt" |
13 | |
14 | # Server Private Key: |
15 | # If the key is not combined with the certificate, use this |
16 | @@ -113,9 +113,9 @@ |
17 | # you've both a RSA and a DSA private key you can configure |
18 | # both in parallel (to also allow the use of DSA ciphers, etc.) |
19 | # ECC keys, when in use, can also be configured in parallel |
20 | -SSLCertificateKeyFile "@exp_sysconfdir@/server.key" |
21 | -#SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key" |
22 | -#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key" |
23 | +SSLCertificateKeyFile "@exp_sysconfdir@/ssl/server.key" |
24 | +#SSLCertificateKeyFile "@exp_sysconfdir@/ssl/server-dsa.key" |
25 | +#SSLCertificateKeyFile "@exp_sysconfdir@/ssl/server-ecc.key" |
26 | |
27 | # Server Certificate Chain: |
28 | # Point SSLCertificateChainFile at a file containing the |
29 | @@ -124,7 +124,7 @@ |
30 | # the referenced file can be the same as SSLCertificateFile |
31 | # when the CA certificates are directly appended to the server |
32 | # certificate for convenience. |
33 | -#SSLCertificateChainFile "@exp_sysconfdir@/server-ca.crt" |
34 | +#SSLCertificateChainFile "@exp_sysconfdir@/ssl/server-ca.crt" |
35 | |
36 | # Certificate Authority (CA): |
37 | # Set the CA certificate verification path where to find CA |
38 | @@ -133,8 +133,8 @@ |
39 | # Note: Inside SSLCACertificatePath you need hash symlinks |
40 | # to point to the certificate files. Use the provided |
41 | # Makefile to update the hash symlinks after changes. |
42 | -#SSLCACertificatePath "@exp_sysconfdir@/ssl.crt" |
43 | -#SSLCACertificateFile "@exp_sysconfdir@/ssl.crt/ca-bundle.crt" |
44 | +#SSLCACertificatePath "@exp_sysconfdir@/ssl/ssl.crt" |
45 | +#SSLCACertificateFile "@exp_sysconfdir@/ssl/ssl.crt/ca-bundle.crt" |
46 | |
47 | # Certificate Revocation Lists (CRL): |
48 | # Set the CA revocation path where to find CA CRLs for client |
49 | @@ -145,8 +145,8 @@ |
50 | # Note: Inside SSLCARevocationPath you need hash symlinks |
51 | # to point to the certificate files. Use the provided |
52 | # Makefile to update the hash symlinks after changes. |
53 | -#SSLCARevocationPath "@exp_sysconfdir@/ssl.crl" |
54 | -#SSLCARevocationFile "@exp_sysconfdir@/ssl.crl/ca-bundle.crl" |
55 | +#SSLCARevocationPath "@exp_sysconfdir@/ssl/ssl.crl" |
56 | +#SSLCARevocationFile "@exp_sysconfdir@/ssl/ssl.crl/ca-bundle.crl" |
57 | #SSLCARevocationCheck chain |
58 | |
59 | # Client Authentication (Type): |