Contents of /trunk/apache2/patches/apache2-2.4.3-default-ssl-settings.patch
Parent Directory
| 
Revision Log
Revision 1928 -
(show annotations)
(download)
Wed Oct 31 11:33:28 2012 UTC (11 years, 6 months ago) by niro
File size: 2884 byte(s)
Wed Oct 31 11:33:28 2012 UTC (11 years, 6 months ago) by niro
File size: 2884 byte(s)
-rediffed patches and added mod_systemd patch
| 1 | --- httpd-2.4.3/docs/conf/extra/httpd-ssl.conf.in 2012-08-14 23:59:24.000000000 +0000 |
| 2 | +++ httpd-2.4.3-magellan/docs/conf/extra/httpd-ssl.conf.in 2012-10-31 12:39:33.905713598 +0000 |
| 3 | @@ -103,9 +103,9 @@ |
| 4 | # Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt) |
| 5 | # require an ECC certificate which can also be configured in |
| 6 | # parallel. |
| 7 | -SSLCertificateFile "@exp_sysconfdir@/server.crt" |
| 8 | -#SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt" |
| 9 | -#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt" |
| 10 | +SSLCertificateFile "@exp_sysconfdir@/ssl/server.crt" |
| 11 | +#SSLCertificateFile "@exp_sysconfdir@/ssl/server-dsa.crt" |
| 12 | +#SSLCertificateFile "@exp_sysconfdir@/ssl/server-ecc.crt" |
| 13 | |
| 14 | # Server Private Key: |
| 15 | # If the key is not combined with the certificate, use this |
| 16 | @@ -113,9 +113,9 @@ |
| 17 | # you've both a RSA and a DSA private key you can configure |
| 18 | # both in parallel (to also allow the use of DSA ciphers, etc.) |
| 19 | # ECC keys, when in use, can also be configured in parallel |
| 20 | -SSLCertificateKeyFile "@exp_sysconfdir@/server.key" |
| 21 | -#SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key" |
| 22 | -#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key" |
| 23 | +SSLCertificateKeyFile "@exp_sysconfdir@/ssl/server.key" |
| 24 | +#SSLCertificateKeyFile "@exp_sysconfdir@/ssl/server-dsa.key" |
| 25 | +#SSLCertificateKeyFile "@exp_sysconfdir@/ssl/server-ecc.key" |
| 26 | |
| 27 | # Server Certificate Chain: |
| 28 | # Point SSLCertificateChainFile at a file containing the |
| 29 | @@ -124,7 +124,7 @@ |
| 30 | # the referenced file can be the same as SSLCertificateFile |
| 31 | # when the CA certificates are directly appended to the server |
| 32 | # certificate for convenience. |
| 33 | -#SSLCertificateChainFile "@exp_sysconfdir@/server-ca.crt" |
| 34 | +#SSLCertificateChainFile "@exp_sysconfdir@/ssl/server-ca.crt" |
| 35 | |
| 36 | # Certificate Authority (CA): |
| 37 | # Set the CA certificate verification path where to find CA |
| 38 | @@ -133,8 +133,8 @@ |
| 39 | # Note: Inside SSLCACertificatePath you need hash symlinks |
| 40 | # to point to the certificate files. Use the provided |
| 41 | # Makefile to update the hash symlinks after changes. |
| 42 | -#SSLCACertificatePath "@exp_sysconfdir@/ssl.crt" |
| 43 | -#SSLCACertificateFile "@exp_sysconfdir@/ssl.crt/ca-bundle.crt" |
| 44 | +#SSLCACertificatePath "@exp_sysconfdir@/ssl/ssl.crt" |
| 45 | +#SSLCACertificateFile "@exp_sysconfdir@/ssl/ssl.crt/ca-bundle.crt" |
| 46 | |
| 47 | # Certificate Revocation Lists (CRL): |
| 48 | # Set the CA revocation path where to find CA CRLs for client |
| 49 | @@ -145,8 +145,8 @@ |
| 50 | # Note: Inside SSLCARevocationPath you need hash symlinks |
| 51 | # to point to the certificate files. Use the provided |
| 52 | # Makefile to update the hash symlinks after changes. |
| 53 | -#SSLCARevocationPath "@exp_sysconfdir@/ssl.crl" |
| 54 | -#SSLCARevocationFile "@exp_sysconfdir@/ssl.crl/ca-bundle.crl" |
| 55 | +#SSLCARevocationPath "@exp_sysconfdir@/ssl/ssl.crl" |
| 56 | +#SSLCARevocationFile "@exp_sysconfdir@/ssl/ssl.crl/ca-bundle.crl" |
| 57 | #SSLCARevocationCheck chain |
| 58 | |
| 59 | # Client Authentication (Type): |