e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
e942c741056732f50da2074b36fe59805d370650slive<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
5f5d1b4cc970b7f06ff8ef6526128e9a27303d88nd<!-- $LastChangedRevision$ -->
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding Licensed to the Apache Software Foundation (ASF) under one or more
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding contributor license agreements. See the NOTICE file distributed with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding this work for additional information regarding copyright ownership.
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding The ASF licenses this file to You under the Apache License, Version 2.0
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding (the "License"); you may not use this file except in compliance with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding the License. You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Strong cryptography using the Secure Sockets
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveLayer (SSL) and Transport Layer Security (TLS) protocols</description>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<p>This module provides SSL v3 and TLS v1.x support for the Apache
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sfHTTP Server. SSL v2 is no longer supported.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>This module relies on <a href="http://www.openssl.org/">OpenSSL</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto provide the cryptography engine.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>Further details, discussion, and examples are provided in the
53bae66d3dc14a667e14a451f7bc65a893dd450fnd<section id="envvars"><title>Environment Variables</title>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<p>This module can be configured to provide several items of SSL information
9f380527370b68cda29abdad35334f62d6a7326drbowenas additional environment variables to the SSI and CGI namespace. This
9f380527370b68cda29abdad35334f62d6a7326drboweninformation is not provided by default for performance reasons. (See
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<directive>SSLOptions</directive> StdEnvVars, below.) The generated variables
9f380527370b68cda29abdad35334f62d6a7326drbowenare listed in the table below. For backward compatibility the information can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivebe made available under different names, too. Look in the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="/ssl/ssl_compat.html">Compatibility</a> chapter for details on the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecompatibility variables.</p>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".3"/><column width=".2"/><column width=".5"/>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive</columnspec>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>HTTPS</code></td> <td>flag</td> <td>HTTPS is being used.</td></tr>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand<tr><td><code>SSL_PROTOCOL</code></td> <td>string</td> <td>The SSL protocol version (SSLv3, TLSv1, TLSv1.1, TLSv1.2)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SESSION_ID</code></td> <td>string</td> <td>The hex-encoded SSL session id</td></tr>
98b409eae9ad8033008f8589b5c7c02ed49db767sctemme<tr><td><code>SSL_SESSION_RESUMED</code></td> <td>string</td> <td>Initial or Resumed SSL Session. Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use</td></tr>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<tr><td><code>SSL_SECURE_RENEG</code></td> <td>string</td> <td><code>true</code> if secure renegotiation is supported, else <code>false</code></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER</code></td> <td>string</td> <td>The cipher specification name</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_EXPORT</code></td> <td>string</td> <td><code>true</code> if cipher is an export cipher</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_USEKEYSIZE</code></td> <td>number</td> <td>Number of cipher bits (actually used)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_ALGKEYSIZE</code></td> <td>number</td> <td>Number of cipher bits (possible)</td></tr>
08ff7ca3674b179f36b9e0798ae2a9bdbb72c437wrowe<tr><td><code>SSL_COMPRESS_METHOD</code></td> <td>string</td> <td>SSL compression method negotiated</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_VERSION_INTERFACE</code></td> <td>string</td> <td>The mod_ssl program version</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_VERSION_LIBRARY</code></td> <td>string</td> <td>The OpenSSL program version</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_M_VERSION</code></td> <td>string</td> <td>The version of the client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_M_SERIAL</code></td> <td>string</td> <td>The serial of the client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_S_DN</code></td> <td>string</td> <td>Subject DN in client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_S_DN_</code><em>x509</em></td> <td>string</td> <td>Component of client's Subject DN</td></tr>
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand<tr><td><code>SSL_CLIENT_SAN_Email_</code><em>n</em></td> <td>string</td> <td>Client certificate's subjectAltName extension entries of type rfc822Name</td></tr>
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand<tr><td><code>SSL_CLIENT_SAN_DNS_</code><em>n</em></td> <td>string</td> <td>Client certificate's subjectAltName extension entries of type dNSName</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_I_DN</code></td> <td>string</td> <td>Issuer DN of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_I_DN_</code><em>x509</em></td> <td>string</td> <td>Component of client's Issuer DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_V_START</code></td> <td>string</td> <td>Validity of client's certificate (start time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_V_END</code></td> <td>string</td> <td>Validity of client's certificate (end time)</td></tr>
8514af9d926a1c330756d11eb71acfcf6e8e56bdjorton<tr><td><code>SSL_CLIENT_V_REMAIN</code></td> <td>string</td> <td>Number of days until client's certificate expires</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_CERT</code></td> <td>string</td> <td>PEM-encoded client certificate</td></tr>
256c9fec76025218e564ad19e100d4a38da10f42jorton<tr><td><code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em></td> <td>string</td> <td>PEM-encoded certificates in client certificate chain</td></tr>
dd993bccb903f6f0b256c4dc973b793848986ef2minfrin<tr><td><code>SSL_CLIENT_CERT_RFC4523_CEA</code></td> <td>string</td> <td>Serial number and issuer of the certificate. The format matches that of the CertificateExactAssertion in RFC4523</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_VERIFY</code></td> <td>string</td> <td><code>NONE</code>, <code>SUCCESS</code>, <code>GENEROUS</code> or <code>FAILED:</code><em>reason</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_M_VERSION</code></td> <td>string</td> <td>The version of the server certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_M_SERIAL</code></td> <td>string</td> <td>The serial of the server certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_S_DN</code></td> <td>string</td> <td>Subject DN in server's certificate</td></tr>
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand<tr><td><code>SSL_SERVER_SAN_Email_</code><em>n</em></td> <td>string</td> <td>Server certificate's subjectAltName extension entries of type rfc822Name</td></tr>
032982212dbcc7c3cce95bf89c503bb56e185ac7kbrand<tr><td><code>SSL_SERVER_SAN_DNS_</code><em>n</em></td> <td>string</td> <td>Server certificate's subjectAltName extension entries of type dNSName</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_S_DN_</code><em>x509</em></td> <td>string</td> <td>Component of server's Subject DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_I_DN</code></td> <td>string</td> <td>Issuer DN of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_I_DN_</code><em>x509</em></td> <td>string</td> <td>Component of server's Issuer DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_V_START</code></td> <td>string</td> <td>Validity of server's certificate (start time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_V_END</code></td> <td>string</td> <td>Validity of server's certificate (end time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_CERT</code></td> <td>string</td> <td>PEM-encoded server certificate</td></tr>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<tr><td><code>SSL_SRP_USER</code></td> <td>string</td> <td>SRP username</td></tr>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<tr><td><code>SSL_SRP_USERINFO</code></td> <td>string</td> <td>SRP user info</td></tr>
0931befaaeb8ce718cd9f480204429e12f4a1f20humbedooh<tr><td><code>SSL_TLS_SNI</code></td> <td>string</td> <td>Contents of the SNI TLS extension (if supplied with ClientHello)</td></tr>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<p><em>x509</em> specifies a component of an X.509 DN; one of
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>. In Apache 2.1 and
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonlater, <em>x509</em> may also include a numeric <code>_n</code>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonsuffix. If the DN in question contains multiple attributes of the
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonsame name, this suffix is used as a zero-based index to select a
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonparticular attribute. For example, where the server certificate
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonsubject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
fbcc97f10f1edb3bdcb0c66cba273abca56c670djorton<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each. A
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonvariable name without a <code>_n</code> suffix is equivalent to that
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonname with a <code>_0</code> suffix; the first (or only) attribute.
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonWhen the environment table is populated using
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonthe <directive module="mod_ssl">SSLOptions</directive> directive, the
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonfirst (or only) attribute of any DN is added only under a non-suffixed
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonname; i.e. no <code>_0</code> suffixed entries are added.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf<p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
1b1621900bd89ddc496d721c865a726f635ebd7esf2.3.11. See the <code>LegacyDNStringFormat</code> option for
1b1621900bd89ddc496d721c865a726f635ebd7esf<directive module="mod_ssl">SSLOptions</directive> for details.</p>
8514af9d926a1c330756d11eb71acfcf6e8e56bdjorton<p><code>SSL_CLIENT_V_REMAIN</code> is only available in version 2.1
8514af9d926a1c330756d11eb71acfcf6e8e56bdjortonand later.</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>A number of additional environment variables can also be used
f7ac17a355153b91b25db5d526afd752465aa489jortonin <directive>SSLRequire</directive> expressions, or in custom log
f7ac17a355153b91b25db5d526afd752465aa489jortonformats:</p>
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_REFERER QUERY_STRING SERVER_SOFTWARE
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_COOKIE REMOTE_HOST API_VERSION
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_FORWARDED REMOTE_IDENT TIME_YEAR
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_HOST IS_SUBREQ TIME_MON
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_PROXY_CONNECTION DOCUMENT_ROOT TIME_DAY
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_ACCEPT SERVER_ADMIN TIME_HOUR
f7ac17a355153b91b25db5d526afd752465aa489jortonTHE_REQUEST SERVER_NAME TIME_MIN
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_FILENAME SERVER_PORT TIME_SEC
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_METHOD SERVER_PROTOCOL TIME_WDAY
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_SCHEME REMOTE_ADDR TIME
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>In these contexts, two special formats can also be used:</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton <dd>This will expand to the standard environment
f7ac17a355153b91b25db5d526afd752465aa489jorton <dd>This will expand to the value of the request header with name
53bae66d3dc14a667e14a451f7bc65a893dd450fnd<section id="logformats"><title>Custom Log Formats</title>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>When <module>mod_ssl</module> is built into Apache or at least
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveloaded (under DSO situation) additional functions exist for the <a
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimhref="mod_log_config.html#formats">Custom Log Format</a> of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveadditional ``<code>%{</code><em>varname</em><code>}x</code>''
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveeXtension format function which can be used to expand any variables
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprovided by any module, especially those provided by mod_ssl which can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveyou find in the above table.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveFor backward compatibility there is additionally a special
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive``<code>%{</code><em>name</em><code>}c</code>'' cryptography format function
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprovided. Information about this function is provided in the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="/ssl/ssl_compat.html">Compatibility</a> chapter.</p>
aaed4ebc116f5862aff2610a809a9a9e9a28f50ecoarCustomLog "logs/ssl_request_log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton<p><module>mod_ssl</module> sets "notes" for the request which can be
2ff3ef24f2af86bdafd2b4ca698091048e066b28jortonused in logging with the <code>%{<em>name</em>}n</code> format
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton <dd>This note is set to the value <code>1</code> if access was
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton or <directive>SSLRequireSSL</directive> directive.</dd>
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton <dd>If <module>mod_ssl</module> is built against a version of
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton OpenSSL which supports the secure renegotiation extension, this note
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton is set to the value <code>1</code> if SSL is in used for the current
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton connection, and the client also supports the secure renegotiation
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton extension. If the client does not support the secure renegotiation
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton extension, the note is set to the value <code>0</code>.
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton If <module>mod_ssl</module> is not built against a version of
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton OpenSSL which supports secure renegotiation, or if SSL is not in use
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton for the current connection, the note is not set.</dd>
eac658ceff08fb117e2484d8e16a38c775840b3fsf<section id="authzproviders"><title>Authorization providers for use with Require</title>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p><module>mod_ssl</module> provides a few authentication providers for use
eac658ceff08fb117e2484d8e16a38c775840b3fsf <directive module="mod_authz_core">Require</directive> directive.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The <code>ssl</code> provider denies access if a connection is not
eac658ceff08fb117e2484d8e16a38c775840b3fsf encrypted with SSL. This is similar to the
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require ssl
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh </highlight>
eac658ceff08fb117e2484d8e16a38c775840b3fsf </section>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <section id="reqverifyclient"><title>Require ssl-verify-client</title>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The <code>ssl</code> provider allows access if the user is
eac658ceff08fb117e2484d8e16a38c775840b3fsf authenticated with a valid client certificate. This is only
eac658ceff08fb117e2484d8e16a38c775840b3fsf useful if <code>SSLVerifyClient optional</code> is in effect.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The following example grants access if the user is authenticated
eac658ceff08fb117e2484d8e16a38c775840b3fsf either with a client certificate or by username and password.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require ssl-verify-client<br/>
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require valid-user
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh </highlight>
eac658ceff08fb117e2484d8e16a38c775840b3fsf </section>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Type of pass phrase dialog for encrypted private
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivekeys</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveWhen Apache starts up it has to read the various Certificate (see
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCertificateFile</directive>) and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePrivate Key (see <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCertificateKeyFile</directive>) files of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSL-enabled virtual servers. Because for security reasons the Private
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveKey files are usually encrypted, mod_ssl needs to query the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveadministrator for a Pass Phrase in order to decrypt those files. This
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivequery can be done in two ways which can be configured by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the default where an interactive terminal dialog occurs at startup
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive time just before Apache detaches from the terminal. Here the administrator
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive has to manually enter the Pass Phrase for each encrypted Private Key file.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Because a lot of SSL-enabled virtual hosts can be configured, the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive following reuse-scheme is used to minimize the dialog: When a Private Key
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive file is encrypted, all known Pass Phrases (at the beginning there are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive none, of course) are tried. If one of those known Pass Phrases succeeds no
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive dialog pops up for this particular Private Key file. If none succeeded,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive another Pass Phrase is queried on the terminal and remembered for the next
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive round (where it perhaps can be reused).</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This scheme allows mod_ssl to be maximally flexible (because for N encrypted
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Private Key files you <em>can</em> use N different Pass Phrases - but then
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive you have to enter all of them, of course) while minimizing the terminal
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive dialog (i.e. when you use a single Pass Phrase for all N Private Key files
c668ba618761ec81a1ee079106036454e8a88c96jorton <p>This mode allows an external program to be used which acts as a
c668ba618761ec81a1ee079106036454e8a88c96jorton pipe to a particular input device; the program is sent the standard
c668ba618761ec81a1ee079106036454e8a88c96jorton prompt text used for the <code>builtin</code> mode on
c668ba618761ec81a1ee079106036454e8a88c96jorton <code>stdin</code>, and is expected to write password strings on
c668ba618761ec81a1ee079106036454e8a88c96jorton <code>stdout</code>. If several passwords are needed (or an
c668ba618761ec81a1ee079106036454e8a88c96jorton incorrect password is entered), additional prompt text will be
c668ba618761ec81a1ee079106036454e8a88c96jorton written subsequent to the first password being returned, and more
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Here an external program is configured which is called at startup for each
45782c1250471bbab9458baefcffcb769f4e5b77kbrand encrypted Private Key file. It is called with one argument, a string of the
45782c1250471bbab9458baefcffcb769f4e5b77kbrand form ``<code>servername:portnumber:index</code>'' (with <code>index</code>
45782c1250471bbab9458baefcffcb769f4e5b77kbrand being a zero-based sequence number), which indicates for which server,
45782c1250471bbab9458baefcffcb769f4e5b77kbrand TCP port and certificate number it has to print the corresponding
9d4f1a87027cf517e7df218f75ecf93952d28aa8sf Pass Phrase to <code>stdout</code>. The intent is that this external
9d4f1a87027cf517e7df218f75ecf93952d28aa8sf program first runs security checks to make sure that the system is not
9d4f1a87027cf517e7df218f75ecf93952d28aa8sf compromised by an attacker, and only when these checks were passed
9d4f1a87027cf517e7df218f75ecf93952d28aa8sf successfully it provides the Pass Phrase.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Both these security checks, and the way the Pass Phrase is determined, can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be as complex as you like. Mod_ssl just defines the interface: an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive executable program which provides the Pass Phrase on <code>stdout</code>.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Nothing more or less! So, if you're really paranoid about security, here
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive is your interface. Anything else has to be left as an exercise to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive administrator, because local security requirements are so different.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive The reuse-algorithm above is used here, too. In other words: The external
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive program is called only once per unique Pass Phrase.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLPassPhraseDialog exec:/usr/local/apache/sbin/pp-filter
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Pseudo Random Number Generator (PRNG) seeding
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivesource</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis configures one or more sources for seeding the Pseudo Random Number
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveGenerator (PRNG) in OpenSSL at startup time (<em>context</em> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>startup</code>) and/or just before a new SSL connection is established
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(<em>context</em> is <code>connect</code>). This directive can only be used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the global server context because the PRNG is a global facility.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe following <em>source</em> variants are available:</p>
cfff4d16bbfcbf7cfe5a33ee394bcd8a17649e93humbedooh <p> This is the always available builtin seeding source. Its usage
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive consumes minimum CPU cycles under runtime and hence can be always used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive without drawbacks. The source used for seeding the PRNG contains of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive current time, the current process id and (when applicable) a randomly
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirier chosen 1KB extract of the inter-process scoreboard structure of Apache.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive The drawback is that this is not really a strong source and at startup
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive time (where the scoreboard is still not available) this source just
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive produces a few bytes of entropy. So you should always, at least for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses an external file <code>/path/to/source</code> as the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive source for seeding the PRNG. When <em>bytes</em> is specified, only the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive first <em>bytes</em> number of bytes of the file form the entropy (and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>bytes</em> is given to <code>/path/to/source</code> as the first
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive argument). When <em>bytes</em> is not specified the whole file forms the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy (and <code>0</code> is given to <code>/path/to/source</code> as
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the first argument). Use this especially at startup time, for instance
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>/dev/urandom</code> devices (which usually exist on modern Unix
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirier derivatives like FreeBSD and Linux).</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>But be careful</em>: Usually <code>/dev/random</code> provides only as
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive much entropy data as it actually has, i.e. when you request 512 bytes of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy, but the device currently has only 100 bytes available two things
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive can happen: On some platforms you receive only the 100 bytes while on
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive other platforms the read blocks until enough bytes are available (which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive can take a long time). Here using an existing <code>/dev/urandom</code> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive better, because it never blocks and actually gives the amount of requested
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive data. The drawback is just that the quality of the received data may not
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses an external executable
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>/path/to/program</code> as the source for seeding the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive PRNG. When <em>bytes</em> is specified, only the first
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>bytes</em> number of bytes of its <code>stdout</code> contents
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive form the entropy. When <em>bytes</em> is not specified, the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entirety of the data produced on <code>stdout</code> form the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy. Use this only at startup time when you need a very strong
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive seeding with the help of an external program (for instance as in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the example above with the <code>truerand</code> utility you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive find in the mod_ssl distribution which is based on the AT&T
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>truerand</em> library). Using this in the connection context
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive slows down the server too dramatically, of course. So usually you
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive should avoid using external programs in that context.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses the Unix domain socket of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive external Entropy Gathering Daemon (EGD) (see <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive href="http://www.lothar.com/tech/crypto/">http://www.lothar.com/tech
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive /crypto/</a>) to seed the PRNG. Use this if no random device exists
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLRandomSeed startup builtin
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLRandomSeed startup exec:/usr/local/bin/truerand 16
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLRandomSeed connect builtin
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Type of the global/inter-process SSL Session
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCache</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis configures the storage type of the global/inter-process SSL Session
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCache. This cache is an optional facility which speeds up parallel request
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprocessing. For requests to the same server process (via HTTP keep-alive),
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveOpenSSL already caches the SSL session information locally. But because modern
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclients request inlined images and other data via parallel requests (usually
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveup to four parallel requests are common) those requests are served by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>different</em> pre-forked server processes. Here an inter-process cache
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierhelps to avoid unnecessary session handshakes.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandThe following five storage <em>type</em>s are currently supported:</p>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This disables the global/inter-process Session Cache. This
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton will incur a noticeable speed penalty and may cause problems if
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton using certain browsers, particularly if client certificates are
75394345f1e542f71a0a37c7755070543124af7ejim <p>This disables any global/inter-process Session Cache. However
42167da203d969a1402cf7ce09c14586c04af1dfjim it does force OpenSSL to send a non-null session ID to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This makes use of a DBM hashfile on the local disk to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton synchronize the local OpenSSL memory caches of the server
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin processes. This session cache may suffer reliability issues under
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin high load. To use this, ensure that
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin <module>mod_socache_dbm</module> is loaded.</p></li>
856894d144a15ef1671032a17965bd00b430d311minfrin<li><code>shmcb:/path/to/datafile</code>[<code>(</code><em>size</em><code>)</code>]
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This makes use of a high-performance cyclic buffer
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton (approx. <em>size</em> bytes in size) inside a shared memory
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton segment in RAM (established via <code>/path/to/datafile</code>) to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton synchronize the local OpenSSL memory caches of the server
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin processes. This is the recommended session cache. To use this,
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin ensure that <module>mod_socache_shmcb</module> is loaded.</p></li>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton href="http://www.distcache.org/">distcache</a> distributed session
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton caching libraries. The argument should specify the location of
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton the server or proxy to be used using the distcache address syntax;
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton for example, <code>UNIX:/path/to/socket</code> specifies a UNIX
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton domain socket (typically a local dc_client proxy);
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <code>IP:server.example.com:9001</code> specifies an IP
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin address. To use this, ensure that
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data
856894d144a15ef1671032a17965bd00b430d311minfrinSSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data(512000)
180b8666f2271cf300f22560ed3d78b30982c097trawick<p>The <code>ssl-cache</code> mutex is used to serialize access to
180b8666f2271cf300f22560ed3d78b30982c097trawickthe session cache to prevent corruption. This mutex can be configured
180b8666f2271cf300f22560ed3d78b30982c097trawickusing the <directive module="core">Mutex</directive> directive.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Number of seconds before an SSL session expires
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the Session Cache</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLSessionCacheTimeout <em>seconds</em></syntax>
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<compatibility>Applies also to RFC 5077 TLS session resumption in Apache 2.4.10 and later</compatibility>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the timeout in seconds for the information stored in the
c9e4fbd1d56136bd92983a4fca184c28b92eade7rjungglobal/inter-process SSL Session Cache, the OpenSSL internal memory cache and
c9e4fbd1d56136bd92983a4fca184c28b92eade7rjungfor sessions resumed by TLS session resumption (RFC 5077).
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveIt can be set as low as 15 for testing, but should be set to higher
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevalues like 300 in real life.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLSessionCacheTimeout 600
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive toggles the usage of the SSL/TLS Protocol Engine. This
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivetype="section">VirtualHost</directive> section to enable SSL/TLS for a
1428f44b421e1c9ee0721b4b709dd10064758c40rbowenthat virtual host. By default the SSL/TLS Protocol Engine is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedisabled for both the main server and all configured virtual hosts.</p>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<VirtualHost _default_:443>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</VirtualHost>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<p>In Apache 2.1 and later, <directive>SSLEngine</directive> can be set to
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<a href="http://www.ietf.org/rfc/rfc2817.txt">RFC 2817</a>, Upgrading to TLS
eaeb7393a93910f37b697c302d656f3ec2351835pquernaWithin HTTP/1.1. At this time no web browsers support RFC 2817.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<contextlist><context>server config</context></contextlist>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweThis directive toggles the usage of the SSL library FIPS_mode flag.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweIt must be set in the global server context and cannot be configured
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimwith conflicting settings (SSLFIPS on followed by SSLFIPS off or
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowesimilar). The mode applies to all SSL library operations.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweIf httpd was compiled against an SSL library which did not support
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowethe FIPS_mode flag, <code>SSLFIPS on</code> will fail. Refer to the
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweFIPS 140-2 Security Policy document of the SSL provider library for
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowespecific requirements to use mod_ssl in a FIPS 140-2 approved mode
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweof operation; note that mod_ssl itself is not validated, but may be
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowedescribed as using FIPS 140-2 validated cryptographic module, when
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweall components are assembled and operated under the guidelines imposed
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweby the applicable Security Policy.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
0827cb14e550f6f65018431c22c2c913631c8f25kbrand<description>Configure usable SSL/TLS protocol versions</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLProtocol [+|-]<em>protocol</em> ...</syntax>
0827cb14e550f6f65018431c22c2c913631c8f25kbrandThis directive can be used to control which versions of the SSL/TLS protocol
610981f18632eeb2fbefd7d59681ebdfcba806fbjortonwill be accepted in new connections.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe available (case-insensitive) <em>protocol</em>s are:</p>
38283aab65389dd92a565cc907fa620b309ea26blgentis This is the Secure Sockets Layer (SSL) protocol, version 3.0, from
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim the Netscape Corporation.
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf It is the successor to SSLv2 and the predecessor to TLSv1.</p></li>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand This is the Transport Layer Security (TLS) protocol, version 1.0.
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand It is the successor to SSLv3 and is defined in
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf <a href="http://www.ietf.org/rfc/rfc2246.txt">RFC 2246</a>.
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand<li><code>TLSv1.1</code> (when using OpenSSL 1.0.1 and later)
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand A revision of the TLS 1.0 protocol, as defined in
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand <a href="http://www.ietf.org/rfc/rfc4346.txt">RFC 4346</a>.</p></li>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand<li><code>TLSv1.2</code> (when using OpenSSL 1.0.1 and later)
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand A revision of the TLS 1.1 protocol, as defined in
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand <a href="http://www.ietf.org/rfc/rfc5246.txt">RFC 5246</a>.</p></li>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand This is a shortcut for ``<code>+SSLv3 +TLSv1</code>'' or
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand - when using OpenSSL 1.0.1 and later -
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand ``<code>+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2</code>, respectively.</p></li>
0827cb14e550f6f65018431c22c2c913631c8f25kbrandSSLProtocol TLSv1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Cipher Suite available for negotiation in SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehandshake</description>
e5a1e1943bef5b61693c449bcd42d57b1f59c90csf<default>SSLCipherSuite DEFAULT (depends on OpenSSL version)</default>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis complex directive uses a colon-separated <em>cipher-spec</em> string
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconsisting of OpenSSL cipher specifications to configure the Cipher Suite the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclient is permitted to negotiate in the SSL handshake phase. Notice that this
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedirective can be used both in per-server and per-directory context. In
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-server context it applies to the standard SSL handshake when a connection
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirieris established. In per-directory context it forces a SSL renegotiation with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivereconfigured Cipher Suite after the HTTP request was read but before the HTTP
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveresponse is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAn SSL cipher specification in <em>cipher-spec</em> is composed of 4 major
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveattributes plus a few extra minor ones:</p>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf RSA, Diffie-Hellman, Elliptic Curve Diffie-Hellman, Secure Remote Password
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf RSA, Diffie-Hellman, DSS, ECDSA, or none.
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf AES, DES, Triple-DES, RC4, RC2, IDEA, etc.
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf MD5, SHA or SHA1, SHA256, SHA384.
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<p>An SSL cipher can also be an export cipher. SSLv2 ciphers are no longer
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sfsupported. To specify which ciphers to use, one can either specify all the
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sfCiphers, one at a time, or use aliases to specify the preference and order
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf1</a>). The actually available ciphers and aliases depends on the used
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sfopenssl version. Newer openssl versions may include additional ciphers.</p>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".5"/><column width=".5"/></columnspec>
984276e3760754bae346208618ad01194ddd4e73rbowen<tr><th><a name="table1">Tag</a></th> <th>Description</th></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Key Exchange Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kRSA</code></td> <td>RSA key exchange</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kDHr</code></td> <td>Diffie-Hellman key exchange with RSA key</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kDHd</code></td> <td>Diffie-Hellman key exchange with DSA key</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kEDH</code></td> <td>Ephemeral (temp.key) Diffie-Hellman key exchange (no cert)</td> </tr>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<tr><td><code>kSRP</code></td> <td>Secure Remote Password (SRP) key exchange</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Authentication Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aNULL</code></td> <td>No authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aRSA</code></td> <td>RSA authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aDSS</code></td> <td>DSS authentication</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aDH</code></td> <td>Diffie-Hellman authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Cipher Encoding Algorithm:</em></td></tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>eNULL</code></td> <td>No encryption</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>NULL</code></td> <td>alias for eNULL</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>AES</code></td> <td>AES encryption</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>DES</code></td> <td>DES encryption</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>3DES</code></td> <td>Triple-DES encryption</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>RC4</code></td> <td>RC4 encryption</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>RC2</code></td> <td>RC2 encryption</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>IDEA</code></td> <td>IDEA encryption</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>MAC Digest Algorithm</em>:</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>MD5</code></td> <td>MD5 hash function</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SHA1</code></td> <td>SHA1 hash function</td></tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>SHA</code></td> <td>alias for SHA1</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>SHA256</code></td> <td>SHA256 hash function</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>SHA384</code></td> <td>SHA384 hash function</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSLv3</code></td> <td>all SSL version 3.0 ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>TLSv1</code></td> <td>all TLS version 1.0 ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP</code></td> <td>all export ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXPORT40</code></td> <td>all 40-bit export ciphers only</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXPORT56</code></td> <td>all 56-bit export ciphers only</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>LOW</code></td> <td>all low strength ciphers (no export, single DES)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>MEDIUM</code></td> <td>all ciphers with 128 bit encryption</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>HIGH</code></td> <td>all ciphers using Triple-DES</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RSA</code></td> <td>all ciphers using RSA key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DH</code></td> <td>all ciphers using Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH</code></td> <td>all ciphers using Ephemeral Diffie-Hellman key exchange</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>ECDH</code></td> <td>Elliptic Curve Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>ADH</code></td> <td>all ciphers using Anonymous Diffie-Hellman key exchange</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>AECDH</code></td> <td>all ciphers using Anonymous Elliptic Curve Diffie-Hellman key exchange</td> </tr>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<tr><td><code>SRP</code></td> <td>all ciphers using Secure Remote Password (SRP) key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DSS</code></td> <td>all ciphers using DSS authentication</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>ECDSA</code></td> <td>all ciphers using ECDSA authentication</td> </tr>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<tr><td><code>aNULL</code></td> <td>all ciphers using no authentication</td> </tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveNow where this becomes interesting is that these can be put together
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto specify the order and ciphers you wish to use. To speed this up
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sfthere are also aliases (<code>SSLv3, TLSv1, EXP, LOW, MEDIUM,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHIGH</code>) for certain groups of ciphers. These tags can be joined
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivetogether with prefixes to form the <em>cipher-spec</em>. Available
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprefixes are:</p>
21d80c75366197941f9b957a89b3e988f6f963cedruggeri<li><code>+</code>: move matching ciphers to the current location in list</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>-</code>: remove cipher from list (can be added later again)</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>!</code>: kill cipher from list completely (can <strong>not</strong> be added later again)</li>
3ccfc257819b3bad063cd3ac9dd1670d5d2ae4d2kbrand<title><code>aNULL</code>, <code>eNULL</code> and <code>EXP</code>
3ccfc257819b3bad063cd3ac9dd1670d5d2ae4d2kbrandciphers are always disabled</title>
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<p>Beginning with version 2.4.7, null and export-grade
3ccfc257819b3bad063cd3ac9dd1670d5d2ae4d2kbrandciphers are always disabled, as mod_ssl unconditionally prepends any supplied
3ccfc257819b3bad063cd3ac9dd1670d5d2ae4d2kbrandcipher suite string with <code>!aNULL:!eNULL:!EXP:</code> at initialization.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>A simpler way to look at all of this is to use the ``<code>openssl ciphers
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive-v</code>'' command which provides a nice way to successively create the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecorrect <em>cipher-spec</em> string. The default <em>cipher-spec</em> string
e5a1e1943bef5b61693c449bcd42d57b1f59c90csfdepends on the version of the OpenSSL libraries used. Let's suppose it is
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalic``<code>RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5</code>'' which
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicmeans the following: Put <code>RC4-SHA</code> and <code>AES128-SHA</code> at
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicthe beginning. We do this, because these ciphers offer a good compromise
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicbetween speed and security. Next, include high and medium security ciphers.
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicFinally, remove all ciphers which do not authenticate, i.e. for SSL the
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicAnonymous Diffie-Hellman ciphers, as well as all ciphers which use
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalic<code>MD5</code> as hash algorithm, because it has been proven insufficient.</p>
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalic$ openssl ciphers -v 'RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5'
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicRC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicAES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicDHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive... ... ... ... ...
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicSEED-SHA SSLv3 Kx=RSA Au=RSA Enc=SEED(128) Mac=SHA1
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicPSK-RC4-SHA SSLv3 Kx=PSK Au=PSK Enc=RC4(128) Mac=SHA1
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicKRB5-RC4-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(128) Mac=SHA1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>The complete list of particular RSA & DH ciphers for SSL is given in <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".3"/><column width=".1"/><column width=".13"/>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<column width=".1"/><column width=".13"/><column width=".1"/>
984276e3760754bae346208618ad01194ddd4e73rbowen<tr><th><a name="table2">Cipher-Tag</a></th> <th>Protocol</th> <th>Key Ex.</th> <th>Auth.</th> <th>Enc.</th> <th>MAC</th> <th>Type</th> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>IDEA-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>IDEA(128)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-MD5</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-RC2-CBC-MD5</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>RC2(40)</td> <td>MD5</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-RC4-MD5</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>NULL-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>None</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>NULL-MD5</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>None</td> <td>MD5</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="7"><em>Diffie-Hellman Ciphers:</em></td></tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-RC4-MD5</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-RSA-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>RSA</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-DSS-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>DSS</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-RSA-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>RSA</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-DSS-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>DSS</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-EDH-RSA-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>RSA</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-EDH-DSS-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>DSS</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-ADH-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>None</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-ADH-RC4-MD5</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>None</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<description>Server PEM-encoded X.509 certificate data file</description>
60998c490ad3334eb07ae63b23b479ac564dec94kbrandThis directive points to a file with certificate data in PEM format.
60998c490ad3334eb07ae63b23b479ac564dec94kbrandAt a minimum, the file must include an end-entity (leaf) certificate.
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletcBeginning with version 2.4.8, it may also include intermediate CA
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletccertificates, sorted from leaf to root, and obsoletes
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<directive module="mod_ssl">SSLCertificateChainFile</directive>.
60998c490ad3334eb07ae63b23b479ac564dec94kbrandAdditional optional elements are DH parameters and/or an EC curve name
60998c490ad3334eb07ae63b23b479ac564dec94kbrandfor ephemeral keys, as generated by <code>openssl dhparam</code> and
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<code>openssl ecparam</code>, respectively (supported in version 2.4.7
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletcor later) and finally, the end-entity certificate's private key.
60998c490ad3334eb07ae63b23b479ac564dec94kbrandIf the private key is encrypted, the pass phrase dialog is forced
60998c490ad3334eb07ae63b23b479ac564dec94kbrandat startup time.</p>
60998c490ad3334eb07ae63b23b479ac564dec94kbrandThis directive can be used multiple times (referencing different filenames)
60998c490ad3334eb07ae63b23b479ac564dec94kbrandto support multiple algorithms for server authentication - typically
60998c490ad3334eb07ae63b23b479ac564dec94kbrandRSA, DSA, and ECC. The number of supported algorithms depends on the
60998c490ad3334eb07ae63b23b479ac564dec94kbrandOpenSSL version being used for mod_ssl: with version 1.0.0 or later,
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<code>openssl list-public-key-algorithms</code> will output a list
60998c490ad3334eb07ae63b23b479ac564dec94kbrandof supported algorithms.</p>
60998c490ad3334eb07ae63b23b479ac564dec94kbrandWhen running with OpenSSL 1.0.2 or later, this directive allows
60998c490ad3334eb07ae63b23b479ac564dec94kbrandto configure the intermediate CA chain on a per-certificate basis,
60998c490ad3334eb07ae63b23b479ac564dec94kbrandwhich removes a limitation of the (now obsolete)
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<directive module="mod_ssl">SSLCertificateChainFile</directive> directive.
60998c490ad3334eb07ae63b23b479ac564dec94kbrandDH and ECDH parameters, however, are only read from the first
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<directive>SSLCertificateFile</directive> directive, as they
60998c490ad3334eb07ae63b23b479ac564dec94kbrandare applied independently of the authentication algorithm type.</p>
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrand<title>DH parameter interoperability with primes > 1024 bit</title>
c63abf6ad1cf2f8cda4e3241dd77578e7d34eb53trawickBeginning with version 2.4.7, mod_ssl makes use of
c63abf6ad1cf2f8cda4e3241dd77578e7d34eb53trawickstandardized DH parameters with prime lengths of 2048, 3072 and 4096 bits
c63abf6ad1cf2f8cda4e3241dd77578e7d34eb53trawickand with additional prime lengths of 6144 and 8192 bits beginning with
c63abf6ad1cf2f8cda4e3241dd77578e7d34eb53trawickversion 2.4.10
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrand(from <a href="http://www.ietf.org/rfc/rfc3526.txt">RFC 3526</a>), and hands
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrandthem out to clients based on the length of the certificate's RSA/DSA key.
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrandWith Java-based clients in particular (Java 7 or earlier), this may lead
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrandto handshake failures - see this
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrand<a href="/ssl/ssl_faq.html#javadh">FAQ answer</a> for working around
b4e664baba9a4be0457c31f84b3dcc4c31f2cb07kbrandsuch issues.
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<description>Server PEM-encoded private key file</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCertificateKeyFile <em>file-path</em></syntax>
60998c490ad3334eb07ae63b23b479ac564dec94kbrandThis directive points to the PEM-encoded private key file for the
60998c490ad3334eb07ae63b23b479ac564dec94kbrandserver (the private key may also be combined with the certificate in the
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<directive module="mod_ssl">SSLCertificateFile</directive>, but this practice
60998c490ad3334eb07ae63b23b479ac564dec94kbrandis discouraged). If the contained private key is encrypted, the pass phrase
60998c490ad3334eb07ae63b23b479ac564dec94kbranddialog is forced at startup time.</p>
60998c490ad3334eb07ae63b23b479ac564dec94kbrandThe directive can be used multiple times (referencing different filenames)
60998c490ad3334eb07ae63b23b479ac564dec94kbrandto support multiple algorithms for server authentication. For each
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<directive module="mod_ssl">SSLCertificateKeyFile</directive>
60998c490ad3334eb07ae63b23b479ac564dec94kbranddirective, there must be a matching <directive>SSLCertificateFile</directive>
60998c490ad3334eb07ae63b23b479ac564dec94kbranddirective.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of PEM-encoded Server CA Certificates</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCertificateChainFile <em>file-path</em></syntax>
60998c490ad3334eb07ae63b23b479ac564dec94kbrand<note><title>SSLCertificateChainFile is deprecated</title>
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<p><code>SSLCertificateChainFile</code> became obsolete with version 2.4.8,
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletcwhen <directive module="mod_ssl">SSLCertificateFile</directive>
60998c490ad3334eb07ae63b23b479ac564dec94kbrandwas extended to also load intermediate CA certificates from the server
60998c490ad3334eb07ae63b23b479ac564dec94kbrandcertificate file.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the optional <em>all-in-one</em> file where you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveassemble the certificates of Certification Authorities (CA) which form the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate chain of the server certificate. This starts with the issuing CA
38283aab65389dd92a565cc907fa620b309ea26blgentiscertificate of the server certificate and can range up to the root CA
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate. Such a file is simply the concatenation of the various
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePEM-encoded CA Certificate files, usually in certificate chain order.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis should be used alternatively and/or additionally to <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCACertificatePath</directive> for explicitly
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconstructing the server certificate chain which is sent to the browser
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein addition to the server certificate. It is especially useful to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveavoid conflicts with CA certificates when using client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication. Because although placing a CA certificate of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver certificate chain into <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCACertificatePath</directive> has the same effect
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor the certificate chain construction, it has the side-effect that
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclient certificates issued by this same CA certificate are also
60d4e69911c2076d97a593f75947d53173a7a02anoodlaccepted on client authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveBut be careful: Providing the certificate chain works only if you are using a
60d4e69911c2076d97a593f75947d53173a7a02anoodl<em>single</em> RSA <em>or</em> DSA based server certificate. If you are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveusing a coupled RSA+DSA certificate pair, this will work only if actually both
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificates use the <em>same</em> certificate chain. Else the browsers will be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconfused in this situation.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/ca.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Directory of PEM-encoded CA Certificates for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCACertificatePath <em>directory-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the directory where you keep the Certificates of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCertification Authorities (CAs) whose clients you deal with. These are used to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveverify the client certificate on Client Authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe files in this directory have to be PEM-encoded and are accessed through
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehash filenames. So usually you can't just place the Certificate files
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethere: you also have to create symbolic links named
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>hash-value</em><code>.N</code>. And you should always make sure this directory
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowencontains the appropriate symbolic links.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCACertificatePath /usr/local/apache2/conf/ssl.crt/
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>File of concatenated PEM-encoded CA Certificates
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor Client Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCACertificateFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the <em>all-in-one</em> file where you can assemble the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCertificates of Certification Authorities (CA) whose <em>clients</em> you deal
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivewith. These are used for Client Authentication. Such a file is simply the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconcatenation of the various PEM-encoded Certificate files, in order of
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimpreference. This can be used alternatively and/or additionally to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCACertificatePath</directive>.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-client.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>File of concatenated PEM-encoded CA Certificates
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonfor defining acceptable CA names</description>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<syntax>SSLCADNRequestFile <em>file-path</em></syntax>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>When a client certificate is requested by mod_ssl, a list of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>acceptable Certificate Authority names</em> is sent to the client
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonin the SSL handshake. These CA names can be used by the client to
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonselect an appropriate client certificate out of those it has
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonavailable.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestPath</directive> or <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> are given, then the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonset of acceptable CA names sent to the client is the names of all the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonCA certificates given by the <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCACertificateFile</directive> and <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCACertificatePath</directive> directives; in other
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonwords, the names of the CAs which will actually be used to verify the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonclient certificate.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>In some circumstances, it is useful to be able to send a set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonacceptable CA names which differs from the actual CAs used to verify
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthe client certificate - for example, if the client certificates are
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonsigned by intermediate CAs. In such cases, <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestPath</directive> and/or <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> can be used; the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonacceptable CA names are then taken from the complete set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortoncertificates in the directory and/or file specified by this pair of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondirectives.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p><directive module="mod_ssl">SSLCADNRequestFile</directive> must
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonspecify an <em>all-in-one</em> file containing a concatenation of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonPEM-encoded CA certificates.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonSSLCADNRequestFile /usr/local/apache2/conf/ca-names.crt
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Directory of PEM-encoded CA Certificates for
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondefining acceptable CA names</description>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<syntax>SSLCADNRequestPath <em>directory-path</em></syntax>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>This optional directive can be used to specify the set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>acceptable CA names</em> which will be sent to the client when a
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonclient certificate is requested. See the <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> directive for more
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondetails.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>The files in this directory have to be PEM-encoded and are accessed
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthrough hash filenames. So usually you can't just place the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonCertificate files there: you also have to create symbolic links named
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>hash-value</em><code>.N</code>. And you should always make sure
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowenthis directory contains the appropriate symbolic links.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonSSLCADNRequestPath /usr/local/apache2/conf/ca-names.crt/
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Directory of PEM-encoded CA CRLs for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCARevocationPath <em>directory-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the directory where you keep the Certificate Revocation
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveLists (CRL) of Certification Authorities (CAs) whose clients you deal with.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThese are used to revoke the client certificate on Client Authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe files in this directory have to be PEM-encoded and are accessed through
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehash filenames. So usually you have not only to place the CRL files there.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAdditionally you have to create symbolic links named
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowencontains the appropriate symbolic links.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCARevocationPath /usr/local/apache2/conf/ssl.crl/
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>File of concatenated PEM-encoded CA CRLs for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCARevocationFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the <em>all-in-one</em> file where you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveassemble the Certificate Revocation Lists (CRL) of Certification
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAuthorities (CA) whose <em>clients</em> you deal with. These are used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor Client Authentication. Such a file is simply the concatenation of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe various PEM-encoded CRL files, in order of preference. This can be
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-client.crl
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<description>Enable CRL-based revocation checking</description>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandEnables certificate revocation list (CRL) checking. At least one of
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directive module="mod_ssl">SSLCARevocationFile</directive>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandor <directive module="mod_ssl">SSLCARevocationPath</directive> must be
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandconfigured. When set to <code>chain</code> (recommended setting),
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandCRL checks are applied to all certificates in the chain, while setting it to
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<code>leaf</code> limits the checks to the end-entity cert.
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<title>When set to <code>chain</code> or <code>leaf</code>,
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandCRLs <em>must</em> be available for successful validation</title>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandPrior to version 2.3.15, CRL checking in mod_ssl also succeeded when
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandno CRL(s) were found in any of the locations configured with
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directive module="mod_ssl">SSLCARevocationFile</directive>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandor <directive module="mod_ssl">SSLCARevocationPath</directive>.
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandWith the introduction of this directive, the behavior has been changed:
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandwhen checking is enabled, CRLs <em>must</em> be present for the validation
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandto succeed - otherwise it will fail with an
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLCARevocationCheck chain
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Type of Client Certificate verification</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the Certificate verification level for the Client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAuthentication. Notice that this directive can be used both in per-server and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-directory context. In per-server context it applies to the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication process used in the standard SSL handshake when a connection is
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierestablished. In per-directory context it forces a SSL renegotiation with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivereconfigured client verification level after the HTTP request was read but
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivebefore the HTTP response is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe following levels are available for <em>level</em>:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive no client Certificate is required at all</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client <em>may</em> present a valid Certificate</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client <em>has to</em> present a valid Certificate</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client may present a valid Certificate<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive but it need not to be (successfully) verifiable.</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>require</strong> are really interesting, because level
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>optional</strong> doesn't work with all browsers and level
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>optional_no_ca</strong> is actually against the idea of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication (but can be used to establish SSL test pages, etc.)</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLVerifyClient require
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Maximum depth of CA Certificates in Client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCertificate verification</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets how deeply mod_ssl should verify before deciding that the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclients don't have a valid certificate. Notice that this directive can be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveused both in per-server and per-directory context. In per-server context it
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveapplies to the client authentication process used in the standard SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehandshake when a connection is established. In per-directory context it forces
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poiriera SSL renegotiation with the reconfigured client verification depth after the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHTTP request was read but before the HTTP response is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe depth actually is the maximum number of intermediate certificate issuers,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivei.e. the number of CA certificates which are max allowed to be followed while
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveverifying the client certificate. A depth of 0 means that self-signed client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificates are accepted only, the default depth of 1 means the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate can be self-signed or has to be signed by a CA which is directly
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveknown to the server (i.e. the CA's certificate is under
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCACertificatePath</directive>), etc.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLVerifyDepth 10
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<directivesynopsis>
76570db19ca140d4e34641190638cb589ef77385jailletc<compatibility>Available in httpd 2.4.4 and later, if using OpenSSL 1.0.1 or
76570db19ca140d4e34641190638cb589ef77385jailletclater</compatibility>
099c357f282d4aebf2b32264f7dce6ffc0497c37sfThis directive enables TLS-SRP and sets the path to the OpenSSL SRP (Secure
099c357f282d4aebf2b32264f7dce6ffc0497c37sfRemote Password) verifier file containing TLS-SRP usernames, verifiers, salts,
099c357f282d4aebf2b32264f7dce6ffc0497c37sfand group parameters.</p>
e609ac39f206eb484d7d609a6a50369b1abbe112sfThe verifier file can be created with the <code>openssl</code> command line
e609ac39f206eb484d7d609a6a50369b1abbe112sfutility:</p>
e609ac39f206eb484d7d609a6a50369b1abbe112sfopenssl srp -srpvfile passwd.srpv -userinfo "some info" -add username
e609ac39f206eb484d7d609a6a50369b1abbe112sf<p> The value given with the optional <code>-userinfo</code> parameter is
e609ac39f206eb484d7d609a6a50369b1abbe112sfavalable in the <code>SSL_SRP_USERINFO</code> request environment variable.</p>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf</directivesynopsis>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<directivesynopsis>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<syntax>SSLSRPUnknownUserSeed <em>secret-string</em></syntax>
76570db19ca140d4e34641190638cb589ef77385jailletc<compatibility>Available in httpd 2.4.4 and later, if using OpenSSL 1.0.1 or
76570db19ca140d4e34641190638cb589ef77385jailletclater</compatibility>
099c357f282d4aebf2b32264f7dce6ffc0497c37sfThis directive sets the seed used to fake SRP user parameters for unknown
099c357f282d4aebf2b32264f7dce6ffc0497c37sfusers, to avoid leaking whether a given user exists. Specify a secret
099c357f282d4aebf2b32264f7dce6ffc0497c37sfstring. If this directive is not used, then Apache will return the
099c357f282d4aebf2b32264f7dce6ffc0497c37sfUNKNOWN_PSK_IDENTITY alert to clients who specify an unknown username.
099c357f282d4aebf2b32264f7dce6ffc0497c37sfSSLSRPUnknownUserSeed "secret"
099c357f282d4aebf2b32264f7dce6ffc0497c37sf</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Configure various SSL engine run-time options</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive can be used to control various run-time options on a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-directory basis. Normally, if multiple <code>SSLOptions</code>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecould apply to a directory, then the most specific one is taken
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecompletely; the options are not merged. However if <em>all</em> the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptions on the <code>SSLOptions</code> directive are preceded by a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveplus (<code>+</code>) or minus (<code>-</code>) symbol, the options
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare merged. Any options preceded by a <code>+</code> are added to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptions currently in force, and any options preceded by a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>-</code> are removed from the options currently in force.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, the standard set of SSL related CGI/SSI
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive environment variables are created. This per default is disabled for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive performance reasons, because the information extraction step is a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive rather expensive operation. So one usually enables this option for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive CGI and SSI requests only.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, additional CGI/SSI environment variables are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive created: <code>SSL_SERVER_CERT</code>, <code>SSL_CLIENT_CERT</code> and
256c9fec76025218e564ad19e100d4a38da10f42jorton <code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em> (with <em>n</em> = 0,1,2,..).
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive These contain the PEM-encoded X.509 Certificates of server and client for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the current HTTPS connection and can be used by CGI scripts for deeper
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Certificate checking. Additionally all other certificates of the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive certificate chain are provided, too. This bloats up the environment a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive little bit which is why you have to use this option to enable it on
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive demand.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, the Subject Distinguished Name (DN) of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Client X509 Certificate is translated into a HTTP Basic Authorization
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive username. This means that the standard Apache authentication methods can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be used for access control. The user name is just the Subject of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Client's X509 Certificate (can be determined by running OpenSSL's
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>openssl x509</code> command: <code>openssl x509 -noout -subject -in
5069a3c884de90744a23e604c5048799747bc2c2minfrin </code><em>certificate</em><code>.crt</code>). The optional <directive
5069a3c884de90744a23e604c5048799747bc2c2minfrin module="mod_ssl">SSLUserName</directive> directive can be used to
5069a3c884de90744a23e604c5048799747bc2c2minfrin specify which part of the certificate Subject is embedded in the username.
5069a3c884de90744a23e604c5048799747bc2c2minfrin Note that no password is obtained from the user. Every entry in the user
5069a3c884de90744a23e604c5048799747bc2c2minfrin file needs this password: ``<code>xxj31ZMTZzkVA</code>'', which is the
5069a3c884de90744a23e604c5048799747bc2c2minfrin DES-encrypted version of the word `<code>password</code>''. Those who
5069a3c884de90744a23e604c5048799747bc2c2minfrin live under MD5-based encryption (for instance under FreeBSD or BSD/OS,
5069a3c884de90744a23e604c5048799747bc2c2minfrin etc.) should use the following MD5 hash of the same word:
5069a3c884de90744a23e604c5048799747bc2c2minfrin ``<code>$1$OXLyS...$Owx8s2/m9/gfkcRVXzgoE/</code>''.</p>
fbc5cf5c3505692a5a250416bba8bc785783364aminfrin <p>Note that the <directive module="mod_auth_basic">AuthBasicFake</directive>
fbc5cf5c3505692a5a250416bba8bc785783364aminfrin directive within <module>mod_auth_basic</module> can be used as a more
fbc5cf5c3505692a5a250416bba8bc785783364aminfrin general mechanism for faking basic authentication, giving control over the
fbc5cf5c3505692a5a250416bba8bc785783364aminfrin structure of both the username and password.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This <em>forces</em> forbidden access when <code>SSLRequireSSL</code> or
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>SSLRequire</code> successfully decided that access should be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive forbidden. Usually the default is that in the case where a ``<code>Satisfy
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive any</code>'' directive is used, and other access restrictions are passed,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>SSLRequire</code> is overridden (because that's how the Apache
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>Satisfy</code> mechanism should work.) But for strict access restriction
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive you can use <code>SSLRequireSSL</code> and/or <code>SSLRequire</code> in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive combination with an ``<code>SSLOptions +StrictRequire</code>''. Then an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive additional ``<code>Satisfy Any</code>'' has no chance once mod_ssl has
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive decided to deny access.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This enables optimized SSL connection renegotiation handling when SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive directives are used in per-directory context. By default a strict
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive scheme is enabled where <em>every</em> per-directory reconfiguration of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive SSL parameters causes a <em>full</em> SSL renegotiation handshake. When this
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive option is used mod_ssl tries to avoid unnecessary handshakes by doing more
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive granular (but still safe) parameter checks. Nevertheless these granular
76f497d5829e51bbd13e4eef22bb8c6c5d0cf37etrawick checks sometimes may not be what the user expects, so enable this on a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive per-directory basis only, please.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf This option influences how values of the
1b1621900bd89ddc496d721c865a726f635ebd7esf <code>SSL_{CLIENT,SERVER}_{I,S}_DN</code> variables are formatted. Since
1b1621900bd89ddc496d721c865a726f635ebd7esf version 2.3.11, Apache HTTPD uses a RFC 2253 compatible format by
1b1621900bd89ddc496d721c865a726f635ebd7esf default. This uses commas as delimiters between the attributes, allows the
1b1621900bd89ddc496d721c865a726f635ebd7esf use of non-ASCII characters (which are converted to UTF8), escapes
1b1621900bd89ddc496d721c865a726f635ebd7esf various special characters with backslashes, and sorts the attributes
1b1621900bd89ddc496d721c865a726f635ebd7esf with the "C" attribute last.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf <p>If <code>LegacyDNStringFormat</code> is set, the old format will be
1b1621900bd89ddc496d721c865a726f635ebd7esf used which sorts the "C" attribute first, uses slashes as separators, and
1b1621900bd89ddc496d721c865a726f635ebd7esf does not handle non-ASCII and special characters in any consistent way.
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLOptions +FakeBasicAuth -StrictRequire
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<Files ~ "\.(cgi|shtml)$">
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh SSLOptions +StdEnvVars -ExportCertData
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<Files>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Deny access when SSL is not used for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHTTP request</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive forbids access unless HTTP over SSL (i.e. HTTPS) is enabled for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe current connection. This is very handy inside the SSL-enabled virtual
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehost or directories for defending against configuration errors that expose
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivestuff that should be protected. When this directive is present all requests
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare denied which are not using SSL.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRequireSSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Allow access only when an arbitrarily complex
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveboolean expression is true</description>
d89cc405921b7b09b615a0a96afde552638198ecrbowen<p><code>SSLRequire</code> is deprecated and should in general be replaced
d89cc405921b7b09b615a0a96afde552638198ecrbowenby <a href="mod_authz_core.html#reqexpr">Require expr</a>. The so called
d89cc405921b7b09b615a0a96afde552638198ecrbowen<a href="/expr.html">ap_expr</a> syntax of <code>Require expr</code> is
d89cc405921b7b09b615a0a96afde552638198ecrbowena superset of the syntax of <code>SSLRequire</code>, with the following
d89cc405921b7b09b615a0a96afde552638198ecrbowenexception:</p>
d89cc405921b7b09b615a0a96afde552638198ecrbowen<p>In <code>SSLRequire</code>, the comparison operators <code><</code>,
d89cc405921b7b09b615a0a96afde552638198ecrbowen<code><=</code>, ... are completely equivalent to the operators
cfff4d16bbfcbf7cfe5a33ee394bcd8a17649e93humbedooh<code>lt</code>, <code>le</code>, ... and work in a somewhat peculiar way that
d89cc405921b7b09b615a0a96afde552638198ecrbowenfirst compares the length of two strings and then the lexical order.
d89cc405921b7b09b615a0a96afde552638198ecrbowenOn the other hand, <a href="/expr.html">ap_expr</a> has two sets of
d89cc405921b7b09b615a0a96afde552638198ecrbowencomparison operators: The operators <code><</code>,
d89cc405921b7b09b615a0a96afde552638198ecrbowen<code><=</code>, ... do lexical string comparison, while the operators
d89cc405921b7b09b615a0a96afde552638198ecrbowen<code>-lt</code>, <code>-le</code>, ... do integer comparison.
d89cc405921b7b09b615a0a96afde552638198ecrbowenFor the latter, there are also aliases without the leading dashes:
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive specifies a general access requirement which has to be
e55568369c0cb7b40f0faa9a6cf751676695f6bfmartinfulfilled in order to allow access. It is a very powerful directive because the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverequirement specification is an arbitrarily complex boolean expression
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontaining any number of access checks.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe <em>expression</em> must match the following syntax (given as a BNF
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivegrammar notation):</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<blockquote>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveexpr ::= "<strong>true</strong>" | "<strong>false</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecomp ::= word "<strong>==</strong>" word | word "<strong>eq</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>!=</strong>" word | word "<strong>ne</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong><</strong>" word | word "<strong>lt</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong><=</strong>" word | word "<strong>le</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>></strong>" word | word "<strong>gt</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>>=</strong>" word | word "<strong>ge</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>in</strong>" "<strong>{</strong>" wordlist "<strong>}</strong>"
e1c1bf4d7684950ea2a31a0419dc46991ec539abmartin | word "<strong>in</strong>" "<strong>PeerExtList(</strong>" word "<strong>)</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivewordlist ::= word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveword ::= digit
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedigit ::= [0-9]+
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecstring ::= "..."
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevariable ::= "<strong>%{</strong>" varname "<strong>}</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefunction ::= funcname "<strong>(</strong>" funcargs "<strong>)</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</blockquote>
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>For <code>varname</code> any of the variables described in <a
f7ac17a355153b91b25db5d526afd752465aa489jortonhref="#envvars">Environment Variables</a> can be used. For
02c4e4fe19f1120c6bdf561950ab60077c61cc5fsf<code>funcname</code> the available functions are listed in
02c4e4fe19f1120c6bdf561950ab60077c61cc5fsfthe <a href="/expr.html#functions">ap_expr documentation</a>.</p>
3c9e475ff9f299438960543e1ec28c10d4bf2570covener<p>The <em>expression</em> is parsed into an internal machine
5d01f40ffd657dd2ac567aacd93cabd162ddfa79coarrepresentation when the configuration is loaded, and then evaluated
5d01f40ffd657dd2ac567aacd93cabd162ddfa79coarduring request processing. In .htaccess context, the <em>expression</em> is
5d01f40ffd657dd2ac567aacd93cabd162ddfa79coarboth parsed and executed each time the .htaccess file is encountered during
3c9e475ff9f299438960543e1ec28c10d4bf2570covenerrequest processing.</p>
f6ffd3c8d453c5cbc81113d69b462226dbbfb228covenerSSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
f6ffd3c8d453c5cbc81113d69b462226dbbfb228covener and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
f6ffd3c8d453c5cbc81113d69b462226dbbfb228covener and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
f6ffd3c8d453c5cbc81113d69b462226dbbfb228covener and %{TIME_WDAY} -ge 1 and %{TIME_WDAY} -le 5 \
f6ffd3c8d453c5cbc81113d69b462226dbbfb228covener and %{TIME_HOUR} -ge 8 and %{TIME_HOUR} -le 20 ) \
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>The <code>PeerExtList(<em>object-ID</em>)</code> function expects
f7ac17a355153b91b25db5d526afd752465aa489jortonto find zero or more instances of the X.509 certificate extension
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonidentified by the given <em>object ID</em> (OID) in the client certificate.
f7ac17a355153b91b25db5d526afd752465aa489jortonThe expression evaluates to true if the left-hand side string matches
f7ac17a355153b91b25db5d526afd752465aa489jortonexactly against the value of an extension identified with this OID.
f7ac17a355153b91b25db5d526afd752465aa489jorton(If multiple extensions with the same OID are present, at least one
f7ac17a355153b91b25db5d526afd752465aa489jortonextension must match).</p>
f7ac17a355153b91b25db5d526afd752465aa489jortonSSLRequire "foobar" in PeerExtList("1.2.3.4.5.6")
f7ac17a355153b91b25db5d526afd752465aa489jorton<note><title>Notes on the PeerExtList function</title>
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jorton<li><p>The object ID can be specified either as a descriptive
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonname recognized by the SSL library, such as <code>"nsComment"</code>,
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonor as a numeric OID, such as <code>"1.2.3.4.5.6"</code>.</p></li>
f7ac17a355153b91b25db5d526afd752465aa489jorton<li><p>Expressions with types known to the SSL library are rendered to
f7ac17a355153b91b25db5d526afd752465aa489jortona string before comparison. For an extension with a type not
f7ac17a355153b91b25db5d526afd752465aa489jortonrecognized by the SSL library, mod_ssl will parse the value if it is
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonone of the primitive ASN.1 types UTF8String, IA5String, VisibleString,
f7ac17a355153b91b25db5d526afd752465aa489jortonor BMPString. For an extension of one of these types, the string
f7ac17a355153b91b25db5d526afd752465aa489jortonvalue will be converted to UTF-8 if necessary, then compared against
f28cb43e0ae51d68dee099bbf7ddbc84252cbd7eigalic<seealso><a href="/env.html">Environment Variables in Apache HTTP Server</a>,
f28cb43e0ae51d68dee099bbf7ddbc84252cbd7eigalicfor additional examples.
7e1a811aff3b7955fe8553a06d7a0aa02d77f629niq<seealso><a href="mod_authz_core.html#reqexpr">Require expr</a></seealso>
6b61d4aa37ff7f6281bec53463ba667e461c7efesf<seealso><a href="/expr.html">Generic expression syntax in Apache HTTP Server</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
0eead7b938755d271961071a208b9934617ecedfrpluem<directivesynopsis>
53dc45378bd4ed291a736a89089387f48b9005f1jorton<description>Set the size for the SSL renegotiation buffer</description>
53dc45378bd4ed291a736a89089387f48b9005f1jorton<p>If an SSL renegotiation is required in per-location context, for
53dc45378bd4ed291a736a89089387f48b9005f1jortonexample, any use of <directive
53dc45378bd4ed291a736a89089387f48b9005f1jortonmodule="mod_ssl">SSLVerifyClient</directive> in a Directory or
53dc45378bd4ed291a736a89089387f48b9005f1jortonLocation block, then <module>mod_ssl</module> must buffer any HTTP
53dc45378bd4ed291a736a89089387f48b9005f1jortonrequest body into memory until the new SSL handshake can be performed.
53dc45378bd4ed291a736a89089387f48b9005f1jortonThis directive can be used to set the amount of memory that will be
53dc45378bd4ed291a736a89089387f48b9005f1jortonused for this buffer. </p>
53dc45378bd4ed291a736a89089387f48b9005f1jortonNote that in many configurations, the client sending the request body
53dc45378bd4ed291a736a89089387f48b9005f1jortonwill be untrusted so a denial of service attack by consumption of
53dc45378bd4ed291a736a89089387f48b9005f1jortonmemory must be considered when changing this configuration setting.
0eead7b938755d271961071a208b9934617ecedfrpluemSSLRenegBufferSize 262144
0eead7b938755d271961071a208b9934617ecedfrpluem</directivesynopsis>
e3715027f352040ef98da03359b00f13ddb506cbrpluem<directivesynopsis>
1fd5131d5732e639b0b4225ca0afea717c41bc11trawick<description>Whether to allow non-SNI clients to access a name-based virtual
e3715027f352040ef98da03359b00f13ddb506cbrpluem</description>
1fd5131d5732e639b0b4225ca0afea717c41bc11trawickThis directive sets whether a non-SNI client is allowed to access a name-based
1fd5131d5732e639b0b4225ca0afea717c41bc11trawickvirtual host. If set to <code>on</code> in the default name-based virtual
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalichost, clients that are SNI unaware will not be allowed to access <em>any</em>
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalicvirtual host, belonging to this particular IP / port combination.
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalicIf set to <code>on</code> in any other virtual host, SNI unaware clients
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalicare not allowed to access this particular virtual host.
e3715027f352040ef98da03359b00f13ddb506cbrpluemThis option is only available if httpd was compiled against an SNI capable
e3715027f352040ef98da03359b00f13ddb506cbrpluemversion of OpenSSL.
e3715027f352040ef98da03359b00f13ddb506cbrpluemSSLStrictSNIVHostCheck on
e3715027f352040ef98da03359b00f13ddb506cbrpluem</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<description>Directory of PEM-encoded client certificates and keys to be used by the proxy</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyMachineCertificatePath <em>directory</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<contextlist><context>server config</context></contextlist>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsThis directive sets the directory where you keep the certificates and
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadskeys used for authentication of the proxy server to remote servers.
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>The files in this directory must be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. Additionally, you must create symbolic links named
d99faa99674be527e7fcc0ab5903463be779934drbowen<code><em>hash-value</em>.N</code>. And you should always make sure this
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowendirectory contains the appropriate symbolic links.</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<p>Currently there is no support for encrypted private keys</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsSSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<description>File of concatenated PEM-encoded client certificates and keys to be used by the proxy</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyMachineCertificateFile <em>filename</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<contextlist><context>server config</context></contextlist>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsThis directive sets the all-in-one file where you keep the certificates and
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadskeys used for authentication of the proxy server to remote servers.
d99faa99674be527e7fcc0ab5903463be779934drbowenThis referenced file is simply the concatenation of the various PEM-encoded
d99faa99674be527e7fcc0ab5903463be779934drbowencertificate files, in order of preference. Use this directive alternatively
d99faa99674be527e7fcc0ab5903463be779934drbowenor additionally to <code>SSLProxyMachineCertificatePath</code>.
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<p>Currently there is no support for encrypted private keys</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsSSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
44985e4f931d3a75a7e5108705010cc21605ee34druggeri<directivesynopsis>
44985e4f931d3a75a7e5108705010cc21605ee34druggeri<description>File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</description>
44985e4f931d3a75a7e5108705010cc21605ee34druggeri<syntax>SSLProxyMachineCertificateChainFile <em>filename</em></syntax>
44985e4f931d3a75a7e5108705010cc21605ee34druggeri<contextlist><context>server config</context></contextlist>
44985e4f931d3a75a7e5108705010cc21605ee34druggeriThis directive sets the all-in-one file where you keep the certificate chain
44985e4f931d3a75a7e5108705010cc21605ee34druggerifor all of the client certs in use. This directive will be needed if the
44985e4f931d3a75a7e5108705010cc21605ee34druggeriremote server presents a list of CA certificates that are not direct signers
44985e4f931d3a75a7e5108705010cc21605ee34druggeriof one of the configured client certificates.
44985e4f931d3a75a7e5108705010cc21605ee34druggeriThis referenced file is simply the concatenation of the various PEM-encoded
44985e4f931d3a75a7e5108705010cc21605ee34druggericertificate files. Upon startup, each client certificate configured will
44985e4f931d3a75a7e5108705010cc21605ee34druggeribe examined and a chain of trust will be constructed.
329aafcb026993f7566d517835613a9fa837ab1ddruggeri<note type="warning"><title>Security warning</title>
329aafcb026993f7566d517835613a9fa837ab1ddruggeri<p>If this directive is enabled, all of the certificates in the file will be
329aafcb026993f7566d517835613a9fa837ab1ddruggeritrusted as if they were also in <directive module="mod_ssl">
44985e4f931d3a75a7e5108705010cc21605ee34druggeriSSLProxyMachineCertificateChainFile /usr/local/apache2/conf/ssl.crt/proxyCA.pem
44985e4f931d3a75a7e5108705010cc21605ee34druggeri</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Type of remote server Certificate verification</description>
6a93ff92c722b879358b25415302e090833a2c75jorton<p>When a proxy is configured to forward requests to a remote SSL
6a93ff92c722b879358b25415302e090833a2c75jortonserver, this directive can be used to configure certificate
68aed4e74d7db15eaab99b93bb8a10f981979626covenerverification of the remote server. </p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe following levels are available for <em>level</em>:</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen no remote server Certificate is required at all</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server <em>may</em> present a valid Certificate</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server <em>has to</em> present a valid Certificate</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server may present a valid Certificate<br />
d99faa99674be527e7fcc0ab5903463be779934drbowen but it need not to be (successfully) verifiable.</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>require</strong> are really interesting, because level
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>optional</strong> doesn't work with all servers and level
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>optional_no_ca</strong> is actually against the idea of
d99faa99674be527e7fcc0ab5903463be779934drbowenauthentication (but can be used to establish SSL test pages, etc.)</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyVerify require
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Maximum depth of CA Certificates in Remote Server
d99faa99674be527e7fcc0ab5903463be779934drbowenCertificate verification</description>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets how deeply mod_ssl should verify before deciding that the
68aed4e74d7db15eaab99b93bb8a10f981979626covenerremote server does not have a valid certificate. </p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe depth actually is the maximum number of intermediate certificate issuers,
d99faa99674be527e7fcc0ab5903463be779934drboweni.e. the number of CA certificates which are max allowed to be followed while
d99faa99674be527e7fcc0ab5903463be779934drbowenverifying the remote server certificate. A depth of 0 means that self-signed
d99faa99674be527e7fcc0ab5903463be779934drbowenremote server certificates are accepted only, the default depth of 1 means
d99faa99674be527e7fcc0ab5903463be779934drbowenthe remote server certificate can be self-signed or has to be signed by a CA
d99faa99674be527e7fcc0ab5903463be779934drbowenwhich is directly known to the server (i.e. the CA's certificate is under
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLProxyCACertificatePath</directive>), etc.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyVerifyDepth 10
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<description>Whether to check if remote server certificate is expired
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</description>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemThis directive sets whether it is checked if the remote server certificate
8f2700898323915da289644dc1f3ee11a5e5b4earpluemis expired or not. If the check fails a 502 status code (Bad Gateway) is
8f2700898323915da289644dc1f3ee11a5e5b4earpluemSSLProxyCheckPeerExpire on
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directivesynopsis>
d58a822aff1dfda25384d3d009f88f1883c95436kbrand<description>Whether to check the remote server certificate's CN field
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</description>
d58a822aff1dfda25384d3d009f88f1883c95436kbrandThis directive sets whether the remote server certificate's CN field is
8f2700898323915da289644dc1f3ee11a5e5b4earpluemcompared against the hostname of the request URL. If both are not equal
8f2700898323915da289644dc1f3ee11a5e5b4earpluema 502 status code (Bad Gateway) is sent.
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletcIn 2.4.5 and later, SSLProxyCheckPeerCN has been superseded by
d58a822aff1dfda25384d3d009f88f1883c95436kbrand<directive module="mod_ssl">SSLProxyCheckPeerName</directive>, and its
d58a822aff1dfda25384d3d009f88f1883c95436kbrandsetting is only taken into account when
d58a822aff1dfda25384d3d009f88f1883c95436kbrand<code>SSLProxyCheckPeerName off</code> is specified at the same time.
8f2700898323915da289644dc1f3ee11a5e5b4earpluemSSLProxyCheckPeerCN on
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</directivesynopsis>
d58a822aff1dfda25384d3d009f88f1883c95436kbrand<directivesynopsis>
d58a822aff1dfda25384d3d009f88f1883c95436kbrand<description>Configure host name checking for remote server certificates
d58a822aff1dfda25384d3d009f88f1883c95436kbrand</description>
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<compatibility>Apache HTTP Server 2.4.5 and later</compatibility>
d58a822aff1dfda25384d3d009f88f1883c95436kbrandThis directive configures host name checking for server certificates
d58a822aff1dfda25384d3d009f88f1883c95436kbrandwhen mod_ssl is acting as an SSL client. The check will
d58a822aff1dfda25384d3d009f88f1883c95436kbrandsucceed if the host name from the request URI is found in
d58a822aff1dfda25384d3d009f88f1883c95436kbrandeither the subjectAltName extension or (one of) the CN attribute(s)
d58a822aff1dfda25384d3d009f88f1883c95436kbrandin the certificate's subject. If the check fails, the SSL request
d58a822aff1dfda25384d3d009f88f1883c95436kbrandis aborted and a 502 status code (Bad Gateway) is returned.
d58a822aff1dfda25384d3d009f88f1883c95436kbrandThe directive supersedes <directive module="mod_ssl">SSLProxyCheckPeerCN</directive>,
d58a822aff1dfda25384d3d009f88f1883c95436kbrandwhich only checks for the expected host name in the first CN attribute.
d58a822aff1dfda25384d3d009f88f1883c95436kbrandWildcard matching is supported in one specific flavor: subjectAltName entries
d58a822aff1dfda25384d3d009f88f1883c95436kbrandof type dNSName or CN attributes starting with <code>*.</code> will match
d58a822aff1dfda25384d3d009f88f1883c95436kbrandfor any DNS name with the same number of labels and the same suffix
d58a822aff1dfda25384d3d009f88f1883c95436kbrand(i.e., <code>*.example.org</code> matches for <code>foo.example.org</code>,
d58a822aff1dfda25384d3d009f88f1883c95436kbrand</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>SSL Proxy Engine Operation Switch</description>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive toggles the usage of the SSL/TLS Protocol Engine for proxy. This
d99faa99674be527e7fcc0ab5903463be779934drbowentype="section">VirtualHost</directive> section to enable SSL/TLS for proxy
d99faa99674be527e7fcc0ab5903463be779934drbowenusage in a particular virtual host. By default the SSL/TLS Protocol Engine is
dc151803ea3c84a5a387088ae2d9c6b52fb533b4trawickdisabled for proxy both for the main server and all configured virtual hosts.</p>
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowen<p>Note that the SSLProxyEngine directive should not, in
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowengeneral, be included in a virtual host that will be acting as a
ecc11b0f16eb8eac0e540909e86b6b8ca5fb2877rbowenforward proxy (using <Proxy> or <ProxyRequest> directives.
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowenSSLProxyEngine is not required to enable a forward proxy server to
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<VirtualHost _default_:443>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh SSLProxyEngine on
d99faa99674be527e7fcc0ab5903463be779934drbowen</VirtualHost>
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Configure usable SSL protocol flavors for proxy usage</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyProtocol [+|-]<em>protocol</em> ...</syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<!-- XXX Why does this have an override and not .htaccess context? -->
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive can be used to control the SSL protocol flavors mod_ssl should
d99faa99674be527e7fcc0ab5903463be779934drbowenuse when establishing its server environment for proxy . It will only connect
d99faa99674be527e7fcc0ab5903463be779934drbowento servers using one of the provided protocols.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Please refer to <directive module="mod_ssl">SSLProtocol</directive>
d99faa99674be527e7fcc0ab5903463be779934drbowenfor additional information.
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Cipher Suite available for negotiation in SSL
d99faa99674be527e7fcc0ab5903463be779934drbowenproxy handshake</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCipherSuite <em>cipher-spec</em></syntax>
b1213b43a3643e4fd80f85b5ec3975b9dc97edf8sf<default>SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP</default>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Equivalent to <code>SSLCipherSuite</code>, but for the proxy connection.
d99faa99674be527e7fcc0ab5903463be779934drbowenPlease refer to <directive module="mod_ssl">SSLCipherSuite</directive>
2e1789ae4b1b62d36ed53ccdd391f626640d642frbowenfor additional information.</p>
2e1789ae4b1b62d36ed53ccdd391f626640d642frbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Directory of PEM-encoded CA Certificates for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCACertificatePath <em>directory-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the directory where you keep the Certificates of
d99faa99674be527e7fcc0ab5903463be779934drbowenCertification Authorities (CAs) whose remote servers you deal with. These are used to
d99faa99674be527e7fcc0ab5903463be779934drbowenverify the remote server certificate on Remote Server Authentication.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe files in this directory have to be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. So usually you can't just place the Certificate files
d99faa99674be527e7fcc0ab5903463be779934drbowenthere: you also have to create symbolic links named
d99faa99674be527e7fcc0ab5903463be779934drbowen<em>hash-value</em><code>.N</code>. And you should always make sure this directory
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowencontains the appropriate symbolic links.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCACertificatePath /usr/local/apache2/conf/ssl.crt/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>File of concatenated PEM-encoded CA Certificates
d99faa99674be527e7fcc0ab5903463be779934drbowenfor Remote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCACertificateFile <em>file-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the <em>all-in-one</em> file where you can assemble the
d99faa99674be527e7fcc0ab5903463be779934drbowenCertificates of Certification Authorities (CA) whose <em>remote servers</em> you deal
d99faa99674be527e7fcc0ab5903463be779934drbowenwith. These are used for Remote Server Authentication. Such a file is simply the
d99faa99674be527e7fcc0ab5903463be779934drbowenconcatenation of the various PEM-encoded Certificate files, in order of
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimpreference. This can be used alternatively and/or additionally to
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLProxyCACertificatePath</directive>.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-remote-server.crt
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Directory of PEM-encoded CA CRLs for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCARevocationPath <em>directory-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the directory where you keep the Certificate Revocation
d99faa99674be527e7fcc0ab5903463be779934drbowenLists (CRL) of Certification Authorities (CAs) whose remote servers you deal with.
d99faa99674be527e7fcc0ab5903463be779934drbowenThese are used to revoke the remote server certificate on Remote Server Authentication.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe files in this directory have to be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. So usually you have not only to place the CRL files there.
d99faa99674be527e7fcc0ab5903463be779934drbowenAdditionally you have to create symbolic links named
d99faa99674be527e7fcc0ab5903463be779934drbowen<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowencontains the appropriate symbolic links.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCARevocationPath /usr/local/apache2/conf/ssl.crl/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>File of concatenated PEM-encoded CA CRLs for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCARevocationFile <em>file-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the <em>all-in-one</em> file where you can
d99faa99674be527e7fcc0ab5903463be779934drbowenassemble the Certificate Revocation Lists (CRL) of Certification
d99faa99674be527e7fcc0ab5903463be779934drbowenAuthorities (CA) whose <em>remote servers</em> you deal with. These are used
d99faa99674be527e7fcc0ab5903463be779934drbowenfor Remote Server Authentication. Such a file is simply the concatenation of
d99faa99674be527e7fcc0ab5903463be779934drbowenthe various PEM-encoded CRL files, in order of preference. This can be
d99faa99674be527e7fcc0ab5903463be779934drbowenmodule="mod_ssl">SSLProxyCARevocationPath</directive>.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-remote-server.crl
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<description>Enable CRL-based revocation checking for Remote Server Auth</description>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<syntax>SSLProxyCARevocationCheck chain|leaf|none</syntax>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandEnables certificate revocation list (CRL) checking for the
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<em>remote servers</em> you deal with. At least one of
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directive module="mod_ssl">SSLProxyCARevocationFile</directive>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandor <directive module="mod_ssl">SSLProxyCARevocationPath</directive> must be
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandconfigured. When set to <code>chain</code> (recommended setting),
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandCRL checks are applied to all certificates in the chain, while setting it to
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<code>leaf</code> limits the checks to the end-entity cert.
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<title>When set to <code>chain</code> or <code>leaf</code>,
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandCRLs <em>must</em> be available for successful validation</title>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandPrior to version 2.3.15, CRL checking in mod_ssl also succeeded when
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandno CRL(s) were found in any of the locations configured with
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directive module="mod_ssl">SSLProxyCARevocationFile</directive>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandor <directive module="mod_ssl">SSLProxyCARevocationPath</directive>.
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandWith the introduction of this directive, the behavior has been changed:
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandwhen checking is enabled, CRLs <em>must</em> be present for the validation
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandto succeed - otherwise it will fail with an
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLProxyCARevocationCheck chain
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand</directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<description>Variable name to determine user name</description>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonThis directive sets the "user" field in the Apache request object.
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonThis is used by lower modules to identify the user with a character
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonstring. In particular, this may cause the environment variable
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<code>REMOTE_USER</code> to be set. The <em>varname</em> can be
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonany of the <a href="#envvars">SSL environment variables</a>.</p>
5069a3c884de90744a23e604c5048799747bc2c2minfrin<p>When the <code>FakeBasicAuth</code> option is enabled, this directive
5069a3c884de90744a23e604c5048799747bc2c2minfrininstead controls the value of the username embedded within the basic
5069a3c884de90744a23e604c5048799747bc2c2minfrinauthentication header (see <a href="#ssloptions">SSLOptions</a>).</p>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonSSLUserName SSL_CLIENT_S_DN_CN
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton</directivesynopsis>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<directivesynopsis>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<description>Option to prefer the server's cipher preference order</description>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<p>When choosing a cipher during an SSLv3 or TLSv1 handshake, normally
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jortonthe client's preference is used. If this directive is enabled, the
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jortonserver's preference will be used instead.</p>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jortonSSLHonorCipherOrder on
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton</directivesynopsis>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<directivesynopsis>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<description>Enable use of a cryptographic hardware accelerator</description>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<contextlist><context>server config</context></contextlist>
4cd185b8f43b3014d0ef735b16c733844956c665jortonThis directive enables use of a cryptographic hardware accelerator
4cd185b8f43b3014d0ef735b16c733844956c665jortonboard to offload some of the SSL processing overhead. This directive
4cd185b8f43b3014d0ef735b16c733844956c665jortoncan only be used if the SSL toolkit is built with "engine" support;
4cd185b8f43b3014d0ef735b16c733844956c665jortonOpenSSL 0.9.7 and later releases have "engine" support by default, the
4cd185b8f43b3014d0ef735b16c733844956c665jortonseparate "-engine" releases of OpenSSL 0.9.6 must be used.</p>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<p>To discover which engine names are supported, run the command
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh# For a Broadcom accelerator:
4cd185b8f43b3014d0ef735b16c733844956c665jortonSSLCryptoDevice ubsec
4cd185b8f43b3014d0ef735b16c733844956c665jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Enable OCSP validation of the client certificate chain</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>This option enables OCSP validation of the client certificate
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonchain. If this option is enabled, certificates in the client's
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortoncertificate chain will be validated against an OCSP responder after
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonnormal verification (including CRL checks) have taken place.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>The OCSP responder used is either extracted from the certificate
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonitself, or derived by configuration; see the
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directive module="mod_ssl">SSLOCSPDefaultResponder</directive> and
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directive module="mod_ssl">SSLOCSPOverrideResponder</directive>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortondirectives.</p>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLVerifyClient on
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLOCSPEnable on
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLOCSPDefaultResponder http://responder.example.com:8888/responder
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonSSLOCSPOverrideResponder on
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Set the default responder URI for OCSP validation</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>This option sets the default OCSP responder to use. If <directive
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonmodule="mod_ssl">SSLOCSPOverrideResponder</directive> is not enabled,
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonthe URI given will be used only if no responder URI is specified in
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonthe certificate being verified.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Force use of the default responder URI for OCSP validation</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>This option forces the configured default OCSP responder to be used
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonduring OCSP certificate validation, regardless of whether the
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortoncertificate being validated references an OCSP responder.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Maximum allowable time skew for OCSP response validation</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLOCSPResponseTimeSkew <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the maximum allowable time skew for OCSP responses
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton(when checking their <code>thisUpdate</code> and <code>nextUpdate</code> fields).</p>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Maximum allowable age for OCSP responses</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLOCSPResponseMaxAge <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the maximum allowable age ("freshness") for OCSP responses.
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonThe default value (<code>-1</code>) does not enforce a maximum age,
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonwhich means that OCSP responses are considered valid as long as their
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLOCSPResponderTimeout <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the timeout for queries to OCSP responders, when
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directive module="mod_ssl">SSLOCSPEnable</directive> is turned on.</p>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
c12b284247f00b5696adabb0b855ce0669465764ylavic<directivesynopsis>
c12b284247f00b5696adabb0b855ce0669465764ylavic<description>Use a nonce within OCSP queries</description>
9da97ff0bac3a0ff56a9cdebe6e5ab563636aa86jailletc<compatibility>Available in httpd 2.4.10 and later</compatibility>
c12b284247f00b5696adabb0b855ce0669465764ylavic<p>This option determines whether queries to OCSP responders should contain
c12b284247f00b5696adabb0b855ce0669465764ylavica nonce or not. By default, a query nonce is always used and checked against
bb487a03441404caa9028ea767e4c363be2af44ftrawickthe response's one. When the responder does not use nonces (e.g. Microsoft OCSP
bb487a03441404caa9028ea767e4c363be2af44ftrawickResponder), this option should be turned <code>off</code>.</p>
c12b284247f00b5696adabb0b855ce0669465764ylavic</directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<description>Option to enable support for insecure renegotiation</description>
158222078a98fb13cddf2793b42f7eb8eafe51aerjung<compatibility>Available if using OpenSSL 0.9.8m or later</compatibility>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<p>As originally specified, all versions of the SSL and TLS protocols
f7489468254ddf807594db3dfb994035f0ec1c7djorton(up to and including TLS/1.2) were vulnerable to a Man-in-the-Middle
f7489468254ddf807594db3dfb994035f0ec1c7djorton(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>)
f7489468254ddf807594db3dfb994035f0ec1c7djortonduring a renegotiation. This vulnerability allowed an attacker to
f7489468254ddf807594db3dfb994035f0ec1c7djorton"prefix" a chosen plaintext to the HTTP request as seen by the web
f7489468254ddf807594db3dfb994035f0ec1c7djortonserver. A protocol extension was developed which fixed this
f7489468254ddf807594db3dfb994035f0ec1c7djortonvulnerability if supported by both client and server.</p>
2abdc0d12bb0cdad4f5c9e5b10b80cc5b0317fb3rjung<p>If <module>mod_ssl</module> is linked against OpenSSL version 0.9.8m
2abdc0d12bb0cdad4f5c9e5b10b80cc5b0317fb3rjungor later, by default renegotiation is only supported with
f7489468254ddf807594db3dfb994035f0ec1c7djortonclients supporting the new protocol extension. If this directive is
681179909163fc15393800e50de63b9db31b2ee3jortonenabled, renegotiation will be allowed with old (unpatched) clients,
681179909163fc15393800e50de63b9db31b2ee3jortonalbeit insecurely.</p>
681179909163fc15393800e50de63b9db31b2ee3jorton<p>If this directive is enabled, SSL connections will be vulnerable to
681179909163fc15393800e50de63b9db31b2ee3jortonthe Man-in-the-Middle prefix attack as described
681179909163fc15393800e50de63b9db31b2ee3jortonin <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>.</p>
f7489468254ddf807594db3dfb994035f0ec1c7djortonSSLInsecureRenegotiation on
681179909163fc15393800e50de63b9db31b2ee3jorton<p>The <code>SSL_SECURE_RENEG</code> environment variable can be used
681179909163fc15393800e50de63b9db31b2ee3jortonfrom an SSI or CGI script to determine whether secure renegotiation is
681179909163fc15393800e50de63b9db31b2ee3jortonsupported for a given SSL connection.</p>
f7489468254ddf807594db3dfb994035f0ec1c7djorton</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Enable stapling of OCSP responses in the TLS handshake</description>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>This option enables OCSP stapling, as defined by the "Certificate
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandStatus Request" TLS extension specified in RFC 6066. If enabled (and
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandrequested by the client), mod_ssl will include an OCSP response
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandfor its own certificate in the TLS handshake. Configuring an
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLStaplingCache</directive> is a
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandprerequisite for enabling OCSP stapling.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>OCSP stapling relieves the client of querying the OCSP responder
3788ae3a3f2f75010ab643db7379ab4d8c5822eckbrandon its own, but it should be noted that with the RFC 6066 specification,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandthe server's <code>CertificateStatus</code> reply may only include an
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandOCSP response for a single cert. For server certificates with intermediate
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandCA certificates in their chain (the typical case nowadays),
3788ae3a3f2f75010ab643db7379ab4d8c5822eckbrandstapling in its current implementation therefore only partially achieves the
3788ae3a3f2f75010ab643db7379ab4d8c5822eckbrandstated goal of "saving roundtrips and resources" - see also
3788ae3a3f2f75010ab643db7379ab4d8c5822eckbrand<a href="http://www.ietf.org/rfc/rfc6961.txt">RFC 6961</a>
3788ae3a3f2f75010ab643db7379ab4d8c5822eckbrand(TLS Multiple Certificate Status Extension).
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Configures the OCSP stapling cache</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<contextlist><context>server config</context></contextlist>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>Configures the cache used to store OCSP responses which get included
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandin the TLS handshake if <directive module="mod_ssl">SSLUseStapling</directive>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandis enabled. Configuration of a cache is mandatory for OCSP stapling.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandWith the exception of <code>none</code> and <code>nonenotnull</code>,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandthe same storage types are supported as with
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLSessionCache</directive>.</p>
bb487a03441404caa9028ea767e4c363be2af44ftrawick<p>The <code>ssl-stapling</code> mutex is used to serialize access to the
bb487a03441404caa9028ea767e4c363be2af44ftrawickOCSP stapling cache to prevent corruption. This mutex can be configured
bb487a03441404caa9028ea767e4c363be2af44ftrawickusing the <directive module="core">Mutex</directive> directive.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Maximum allowable time skew for OCSP stapling response validation</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingResponseTimeSkew <em>seconds</em></syntax>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>This option sets the maximum allowable time skew when mod_ssl checks the
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<code>thisUpdate</code> and <code>nextUpdate</code> fields of OCSP responses
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandwhich get included in the TLS handshake (OCSP stapling). Only applicable
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandif <directive module="mod_ssl">SSLUseStapling</directive> is turned on.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Timeout for OCSP stapling queries</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingResponderTimeout <em>seconds</em></syntax>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>This option sets the timeout for queries to OCSP responders when
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLUseStapling</directive> is enabled
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandand mod_ssl is querying a responder for OCSP stapling purposes.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Maximum allowable age for OCSP stapling responses</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingResponseMaxAge <em>seconds</em></syntax>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>This option sets the maximum allowable age ("freshness") when
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandconsidering OCSP responses for stapling purposes, i.e. when
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLUseStapling</directive> is turned on.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandThe default value (<code>-1</code>) does not enforce a maximum age,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandwhich means that OCSP responses are considered valid as long as their
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Number of seconds before expiring responses in the OCSP stapling cache</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingStandardCacheTimeout <em>seconds</em></syntax>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<default>SSLStaplingStandardCacheTimeout 3600</default>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>Sets the timeout in seconds before responses in the OCSP stapling cache
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand(configured through <directive module="mod_ssl">SSLStaplingCache</directive>)
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandwill expire. This directive applies to <em>valid</em> responses, while
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLStaplingErrorCacheTimeout</directive> is
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandused for controlling the timeout for invalid/unavailable responses.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Pass stapling related OCSP errors on to client</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingReturnResponderErrors on|off</syntax>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<default>SSLStaplingReturnResponderErrors on</default>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>When enabled, mod_ssl will pass responses from unsuccessful
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandstapling related OCSP queries (such as status errors, expired responses etc.)
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandon to the client. If set to <code>off</code>, no stapled responses
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandfor failed queries will be included in the TLS handshake.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Synthesize "tryLater" responses for failed OCSP stapling queries</description>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>When enabled and a query to an OCSP responder for stapling
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandpurposes fails, mod_ssl will synthesize a "tryLater" response for the
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandclient. Only effective if <directive
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandmodule="mod_ssl">SSLStaplingReturnResponderErrors</directive>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandis also enabled.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Number of seconds before expiring invalid responses in the OCSP stapling cache</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingErrorCacheTimeout <em>seconds</em></syntax>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>Sets the timeout in seconds before <em>invalid</em> responses
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandin the OCSP stapling cache (configured through <directive
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandmodule="mod_ssl">SSLStaplingCache</directive>) will expire.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandTo set the cache timeout for valid responses, see
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLStaplingStandardCacheTimeout</directive>.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Override the OCSP responder URI specified in the certificate's AIA extension</description>
66052e434c701b4a78c24254e07a4e2e8bc1009bylavic<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>This directive overrides the URI of an OCSP responder as obtained from
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandthe authorityInfoAccess (AIA) extension of the certificate.
bb487a03441404caa9028ea767e4c363be2af44ftrawickOne potential use is when a proxy is used for retrieving OCSP queries.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<directivesynopsis>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<description>Persistent encryption/decryption key for TLS session tickets</description>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<syntax>SSLSessionTicketKeyFile <em>file-path</em></syntax>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<compatibility>Available in httpd 2.4.0 and later, if using OpenSSL 0.9.8h or later</compatibility>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<p>Optionally configures a secret key for encrypting and decrypting
7a4e3510f3516132ff057ac986fd6350164b7950kbrandTLS session tickets, as defined in
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<a href="http://www.ietf.org/rfc/rfc5077.txt">RFC 5077</a>.
7a4e3510f3516132ff057ac986fd6350164b7950kbrandPrimarily suitable for clustered environments where TLS sessions information
7a4e3510f3516132ff057ac986fd6350164b7950kbrandshould be shared between multiple nodes. For single-instance httpd setups,
7a4e3510f3516132ff057ac986fd6350164b7950kbrandit is recommended to <em>not</em> configure a ticket key file, but to
7a4e3510f3516132ff057ac986fd6350164b7950kbrandrely on (random) keys generated by mod_ssl at startup, instead.</p>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<p>The ticket key file must contain 48 bytes of random data,
7a4e3510f3516132ff057ac986fd6350164b7950kbrandpreferrably created from a high-entropy source. On a Unix-based system,
7a4e3510f3516132ff057ac986fd6350164b7950kbranda ticket key file can be created as follows:</p>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<p>Ticket keys should be rotated (replaced) on a frequent basis,
7a4e3510f3516132ff057ac986fd6350164b7950kbrandas this is the only way to invalidate an existing session ticket -
7a4e3510f3516132ff057ac986fd6350164b7950kbrandOpenSSL currently doesn't allow to specify a limit for ticket lifetimes.</p>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<p>The ticket key file contains sensitive keying material and should
7a4e3510f3516132ff057ac986fd6350164b7950kbrandbe protected with file permissions similar to those used for
7a4e3510f3516132ff057ac986fd6350164b7950kbrand<directive module="mod_ssl">SSLCertificateKeyFile</directive>.</p>
7a4e3510f3516132ff057ac986fd6350164b7950kbrand</directivesynopsis>
d9b079a6dd66d36313be56f859c8c61153146527sf<directivesynopsis>
aee831691bb9ecd96dea63d35bc8bdd21c0f0b1fsf<description>Enable compression on the SSL level</description>
5cf9b7c2c028e09a3640165231e57043cb071963rjung<compatibility>Available in httpd 2.4.3 and later, if using OpenSSL 0.9.8 or later;
aee831691bb9ecd96dea63d35bc8bdd21c0f0b1fsfvirtual host scope available if using OpenSSL 1.0.0 or later.
aee831691bb9ecd96dea63d35bc8bdd21c0f0b1fsfThe default used to be <code>on</code> in version 2.4.3.</compatibility>
aee831691bb9ecd96dea63d35bc8bdd21c0f0b1fsf<p>This directive allows to enable compression on the SSL level.</p>
aee831691bb9ecd96dea63d35bc8bdd21c0f0b1fsf<p>Enabling compression causes security issues in most setups (the so called
aee831691bb9ecd96dea63d35bc8bdd21c0f0b1fsfCRIME attack).</p>
d9b079a6dd66d36313be56f859c8c61153146527sf</directivesynopsis>
f0ed8386200af077d3151eed8724d68b35884f1erjung<directivesynopsis>
f0ed8386200af077d3151eed8724d68b35884f1erjung<description>Enable or disable use of TLS session tickets</description>
f0ed8386200af077d3151eed8724d68b35884f1erjung<compatibility>Available in httpd 2.4.11 and later, if using OpenSSL 0.9.8f
f0ed8386200af077d3151eed8724d68b35884f1erjungor later.</compatibility>
f0ed8386200af077d3151eed8724d68b35884f1erjung<p>This directive allows to enable or disable the use of TLS session tickets
f0ed8386200af077d3151eed8724d68b35884f1erjung(RFC 5077).</p>
f0ed8386200af077d3151eed8724d68b35884f1erjung<p>TLS session tickets are enabled by default. Using them without restarting
f0ed8386200af077d3151eed8724d68b35884f1erjungthe web server with an appropriate frequency (e.g. daily) compromises perfect
f0ed8386200af077d3151eed8724d68b35884f1erjungforward secrecy.</p>
f0ed8386200af077d3151eed8724d68b35884f1erjung</directivesynopsis>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<directivesynopsis>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<description>Configure OpenSSL parameters through its <em>SSL_CONF</em> API</description>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<syntax>SSLOpenSSLConfCmd <em>command-name</em> <em>command-value</em></syntax>
02250041cee0403318e036c1f976793b7145eb01ylavic<compatibility>Available in httpd 2.4.8 and later, if using OpenSSL 1.0.2 or later</compatibility>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<p>This directive exposes OpenSSL's <em>SSL_CONF</em> API to mod_ssl,
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandallowing a flexible configuration of OpenSSL parameters without the need
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandof implementing additional <module>mod_ssl</module> directives when new
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandfeatures are added to OpenSSL.</p>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<p>The set of available <directive>SSLOpenSSLConfCmd</directive> commands
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbranddepends on the OpenSSL version being used for <module>mod_ssl</module>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand(at least version 1.0.2 is required). For a list of supported command
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandnames, see the section <em>Supported configuration file commands</em> in the
a5aa843d28798d8c35a8f6bffef1c4a9df211a01kbrand<a href="http://www.openssl.org/docs/ssl/SSL_CONF_cmd.html#supported_configuration_file_commands">SSL_CONF_cmd(3)</a> manual page for OpenSSL.</p>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<p>Some of the <directive>SSLOpenSSLConfCmd</directive> commands can be used
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandas an alternative to existing directives (such as
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand<directive module="mod_ssl">SSLCipherSuite</directive> or
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandthough it should be noted that the syntax / allowable values for the parameters
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandmay sometimes differ.</p>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandSSLOpenSSLConfCmd Options -SessionTicket,ServerPreference
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandSSLOpenSSLConfCmd ECDHParameters brainpoolP256r1
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandSSLOpenSSLConfCmd ServerInfoFile /usr/local/apache2/conf/server-info.pem
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandSSLOpenSSLConfCmd Protocol "-ALL, TLSv1.2"
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrandSSLOpenSSLConfCmd SignatureAlgorithms RSA+SHA384:ECDSA+SHA256
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand</highlight>
2406dd0fd6061a7e26baad86a1bf1d6c233c2d42kbrand</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</modulesynopsis>