add minimale directives for apache
This commit is contained in:
parent
77497a2843
commit
26d3d9b3c2
16
HowtoSSL.md
16
HowtoSSL.md
|
@ -55,7 +55,12 @@ Note : sous Debian, pour regénérer le certificat *snakeoil* (certificat autog
|
|||
|
||||
~~~
|
||||
# make-ssl-cert generate-default-snakeoil --force-overwrite
|
||||
~~~
|
||||
~~~ SSLEngine on
|
||||
SSLCertificateFile /etc/apache2/ssl/secure.crt
|
||||
SSLCertificateKeyFile /etc/apache2/ssl/secure.key
|
||||
|
||||
# On désactive certaines prises en charge de protocole
|
||||
SSLProtocol All -SSLv2 -SSLv3
|
||||
|
||||
### Générer un certificat multi-domaines avec subjectAltName
|
||||
|
||||
|
@ -371,6 +376,15 @@ SSLStaplingCache shmcb:/var/log/apache2/ssl_staplingcache(2048000)
|
|||
Header always set Strict-Transport-Security "max-age=15552000"
|
||||
~~~
|
||||
|
||||
Voici une configuration minimale :
|
||||
|
||||
~~~{.apache}
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/ssl/certs/secure.crt
|
||||
SSLCertificateKeyFile /etc/ssl/private/secure.key
|
||||
SSLProtocol All -SSLv2 -SSLv3
|
||||
~~~
|
||||
|
||||
#### Configuration Nginx
|
||||
|
||||
En pratique avec Nginx (sous Debian 8), voici une configuration SSL avancée :
|
||||
|
|
Loading…
Reference in a new issue