path: root/roles/cgit/templates/ssl.conf.j2
blob: c6b8fe324625bf279ce723cfe5e12dd808ba1836 (plain)
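# TLS settings for the cgit virtual host. This file is a Jinja2 template: the
# git_server_name variable is substituted at render time and selects the
# per-site certificate directory, so it must come from trusted inventory data.
SSLEngine On

# Certificate material for this site. key.pem is the private key and should be
# readable only by the account that starts Apache.
# NOTE(review): SSLCertificateChainFile is deprecated since httpd 2.4.8, where
# the intermediates can be appended to the SSLCertificateFile instead. It is
# kept because the target httpd version is not visible from this template.
SSLCertificateChainFile /etc/apache2/sites/{{ git_server_name }}/ssl/chain.pem
SSLCertificateFile      /etc/apache2/sites/{{ git_server_name }}/ssl/cert.pem
SSLCertificateKeyFile   /etc/apache2/sites/{{ git_server_name }}/ssl/key.pem

# Prefer the server's cipher ordering over the client's.
SSLHonorCipherOrder on

# Offer TLS 1.2 only. TLS 1.0 and 1.1 were previously enabled here; both are
# formally deprecated (RFC 8996), so they are now off along with SSLv2/SSLv3.
# NOTE(review): TLS 1.3 is not offered, as before. "+TLSv1.3" can be added once
# every target host runs a mod_ssl built against OpenSSL 1.1.1 or later.
SSLProtocol -all +TLSv1.2

# AEAD (GCM) suites come first, then CBC suites as fallbacks. Anonymous, NULL,
# export, DES, RC4, 3DES, MD5 and PSK suites are excluded.
# NOTE(review): the CBC/SHA-1 entries exist for older clients and could be
# trimmed once the client population is confirmed.
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK

# TLS-level compression stays off (CRIME-class compression side channel).
SSLCompression off

# HSTS is left disabled, so browsers are not told to insist on HTTPS for this
# host. Enabling the line below needs mod_headers; the max-age is about 185 days.
#Header always set Strict-Transport-Security "max-age=15984000"

# Export the standard SSL_* environment variables to CGI/SSI handlers.
SSLOptions StdEnvVars

# Stock mod_ssl workarounds for old Internet Explorer releases.
BrowserMatch "MSIE [2-6]" \
	nokeepalive ssl-unclean-shutdown \
	downgrade-1.0 force-response-1.0
# The character class [17-9] matches "1" or "7" through "9", i.e. MSIE 7-9 and
# MSIE 1x.
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown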