thomas
/
sovereign
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
583 Commits
1 Branch
Tree: b674035d21
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b674035d21'
${ noResults }
sovereign/roles/common/templates/etc_apache2_ssl.conf.j2

etc_apache2_ssl.conf.j2 1.0KB
History Raw

1234567891011121314 
  1. SSLEngine on

  2. SSLProtocol ALL -SSLv2 -SSLv3

  3. SSLHonorCipherOrder On

  4. SSLCompression off

  5. {% if ansible_distribution_release != 'wheezy' %}

  6.     SSLUseStapling On

  7.     SSLStaplingResponderTimeout 5

  8.     SSLStaplingReturnResponderErrors off

  9. {% endif %}

  10. SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK

  11. SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt

  12. SSLCertificateKeyFile   /etc/ssl/private/wildcard_private.key

  13. SSLCACertificateFile    /etc/ssl/certs/wildcard_ca.pem

  14. Header add Strict-Transport-Security "max-age=15768000; includeSubdomains"