| ## |
| ## mod_http2 test config |
| ## |
| |
| <IfDefine APACHE2> |
| <IfModule http2_module> |
| |
| LogLevel http2:debug |
| |
| <VirtualHost h2c> |
| Protocols h2c http/1.1 |
| |
| <IfModule @CGI_MODULE@> |
| <Directory @SERVERROOT@/htdocs/modules/h2> |
| Options +ExecCGI |
| AddHandler cgi-script .pl |
| |
| </Directory> |
| </IfModule> |
| |
| <Location /modules/h2/hello.pl> |
| </Location> |
| <IfModule mod_rewrite.c> |
| RewriteEngine on |
| RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC] |
| </IfModule> |
| |
| </VirtualHost> |
| |
| <IfModule @ssl_module@> |
| |
| <VirtualHost @SERVERNAME@:h2> |
| Protocols h2 http/1.1 |
| H2Direct on |
| |
| SSLEngine on |
| SSLCACertificateFile @SSLCA@/asf/certs/ca.crt |
| SSLCACertificatePath @ServerRoot@/conf/ssl |
| SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl |
| SSLCARevocationCheck chain |
| |
| # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations |
| # |
| SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK |
| SSLProtocol All -SSLv2 -SSLv3 |
| SSLOptions +StdEnvVars |
| |
| <IfVersion >= 2.4.18> |
| # need this off as long as we ran on old openssl |
| H2ModernTLSOnly off |
| </IfVersion> |
| |
| <IfModule @CGI_MODULE@> |
| <Directory @SERVERROOT@/htdocs/modules/h2> |
| Options +ExecCGI |
| AddHandler cgi-script .pl |
| </Directory> |
| </IfModule> |
| |
| <Location /modules/h2/hello.pl> |
| </Location> |
| <IfModule mod_rewrite.c> |
| RewriteEngine on |
| RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC] |
| </IfModule> |
| |
| </VirtualHost> |
| |
| <VirtualHost noh2.example.org:h2> |
| Protocols http/1.1 |
| H2Direct off |
| </VirtualHost> |
| |
| <VirtualHost test.example.org:h2> |
| Protocols h2 http/1.1 |
| H2Direct on |
| |
| SSLEngine on |
| SSLCACertificateFile @SSLCA@/asf/certs/ca.crt |
| SSLCACertificatePath @ServerRoot@/conf/ssl |
| SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl |
| SSLCARevocationCheck chain |
| |
| # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations |
| # |
| SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK |
| SSLProtocol All -SSLv2 -SSLv3 |
| SSLOptions +StdEnvVars |
| |
| </VirtualHost> |
| |
| <VirtualHost test2.example.org:h2> |
| Protocols http/1.1 h2 |
| H2Direct on |
| </VirtualHost> |
| |
| <VirtualHost test-ser.example.org:h2> |
| </VirtualHost> |
| |
| </ifModule> |
| |
| </IfModule> |
| |
| </IfDefine> |
| |