mod_ssl.xml revision d89cc405921b7b09b615a0a96afde552638198ec
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
e942c741056732f50da2074b36fe59805d370650slive<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
5f5d1b4cc970b7f06ff8ef6526128e9a27303d88nd<!-- $LastChangedRevision$ -->
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding Licensed to the Apache Software Foundation (ASF) under one or more
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding contributor license agreements. See the NOTICE file distributed with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding this work for additional information regarding copyright ownership.
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding The ASF licenses this file to You under the Apache License, Version 2.0
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding (the "License"); you may not use this file except in compliance with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding the License. You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Strong cryptography using the Secure Sockets
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveLayer (SSL) and Transport Layer Security (TLS) protocols</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>This module provides SSL v2/v3 and TLS v1 support for the Apache
cfff4d16bbfcbf7cfe5a33ee394bcd8a17649e93humbedoohHTTP Server. It was contributed by Ralf S. Engelschall based on his
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemod_ssl project and originally derived from work by Ben Laurie.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>This module relies on <a href="http://www.openssl.org/">OpenSSL</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto provide the cryptography engine.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>Further details, discussion, and examples are provided in the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<section id="envvars"><title>Environment Variables</title>
9f380527370b68cda29abdad35334f62d6a7326drbowen<p>This module can be configured to provide several items of SSL information
9f380527370b68cda29abdad35334f62d6a7326drbowenas additional environment variables to the SSI and CGI namespace. This
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jiminformation is not provided by default for performance reasons. (See
9f380527370b68cda29abdad35334f62d6a7326drbowen<directive>SSLOptions</directive> StdEnvVars, below.) The generated variables
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare listed in the table below. For backward compatibility the information can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivebe made available under different names, too. Look in the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="/ssl/ssl_compat.html">Compatibility</a> chapter for details on the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecompatibility variables.</p>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".3"/><column width=".2"/><column width=".5"/>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj</columnspec>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand<tr><td><code>HTTPS</code></td> <td>flag</td> <td>HTTPS is being used.</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_PROTOCOL</code></td> <td>string</td> <td>The SSL protocol version (SSLv3, TLSv1, TLSv1.1, TLSv1.2)</td></tr>
98b409eae9ad8033008f8589b5c7c02ed49db767sctemme<tr><td><code>SSL_SESSION_ID</code></td> <td>string</td> <td>The hex-encoded SSL session id</td></tr>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<tr><td><code>SSL_SESSION_RESUMED</code></td> <td>string</td> <td>Initial or Resumed SSL Session. Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SECURE_RENEG</code></td> <td>string</td> <td><code>true</code> if secure renegotiation is supported, else <code>false</code></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER</code></td> <td>string</td> <td>The cipher specification name</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_EXPORT</code></td> <td>string</td> <td><code>true</code> if cipher is an export cipher</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_USEKEYSIZE</code></td> <td>number</td> <td>Number of cipher bits (actually used)</td></tr>
08ff7ca3674b179f36b9e0798ae2a9bdbb72c437wrowe<tr><td><code>SSL_CIPHER_ALGKEYSIZE</code></td> <td>number</td> <td>Number of cipher bits (possible)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_COMPRESS_METHOD</code></td> <td>string</td> <td>SSL compression method negotiated</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_VERSION_INTERFACE</code></td> <td>string</td> <td>The mod_ssl program version</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_VERSION_LIBRARY</code></td> <td>string</td> <td>The OpenSSL program version</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_M_VERSION</code></td> <td>string</td> <td>The version of the client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_M_SERIAL</code></td> <td>string</td> <td>The serial of the client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_S_DN</code></td> <td>string</td> <td>Subject DN in client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_S_DN_</code><em>x509</em></td> <td>string</td> <td>Component of client's Subject DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_I_DN</code></td> <td>string</td> <td>Issuer DN of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_I_DN_</code><em>x509</em></td> <td>string</td> <td>Component of client's Issuer DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_V_START</code></td> <td>string</td> <td>Validity of client's certificate (start time)</td></tr>
8514af9d926a1c330756d11eb71acfcf6e8e56bdjorton<tr><td><code>SSL_CLIENT_V_END</code></td> <td>string</td> <td>Validity of client's certificate (end time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_V_REMAIN</code></td> <td>string</td> <td>Number of days until client's certificate expires</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of client's certificate</td></tr>
256c9fec76025218e564ad19e100d4a38da10f42jorton<tr><td><code>SSL_CLIENT_CERT</code></td> <td>string</td> <td>PEM-encoded client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em></td> <td>string</td> <td>PEM-encoded certificates in client certificate chain</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_VERIFY</code></td> <td>string</td> <td><code>NONE</code>, <code>SUCCESS</code>, <code>GENEROUS</code> or <code>FAILED:</code><em>reason</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_M_VERSION</code></td> <td>string</td> <td>The version of the server certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_M_SERIAL</code></td> <td>string</td> <td>The serial of the server certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_S_DN</code></td> <td>string</td> <td>Subject DN in server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_S_DN_</code><em>x509</em></td> <td>string</td> <td>Component of server's Subject DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_I_DN</code></td> <td>string</td> <td>Issuer DN of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_I_DN_</code><em>x509</em></td> <td>string</td> <td>Component of server's Issuer DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_V_START</code></td> <td>string</td> <td>Validity of server's certificate (start time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_V_END</code></td> <td>string</td> <td>Validity of server's certificate (end time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of server's certificate</td></tr>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<tr><td><code>SSL_SERVER_CERT</code></td> <td>string</td> <td>PEM-encoded server certificate</td></tr>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<p><em>x509</em> specifies a component of an X.509 DN; one of
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>. In Apache 2.1 and
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonlater, <em>x509</em> may also include a numeric <code>_n</code>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonsuffix. If the DN in question contains multiple attributes of the
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonsame name, this suffix is used as a zero-based index to select a
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonparticular attribute. For example, where the server certificate
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonsubject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
fbcc97f10f1edb3bdcb0c66cba273abca56c670djorton<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each. A
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonvariable name without a <code>_n</code> suffix is equivalent to that
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonname with a <code>_0</code> suffix; the first (or only) attribute.
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonWhen the environment table is populated using
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonthe <directive module="mod_ssl">SSLOptions</directive> directive, the
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonfirst (or only) attribute of any DN is added only under a non-suffixed
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonname; i.e. no <code>_0</code> suffixed entries are added.</p>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
1b1621900bd89ddc496d721c865a726f635ebd7esf2.3.11. See the <code>LegacyDNStringFormat</code> option for
1b1621900bd89ddc496d721c865a726f635ebd7esf<directive module="mod_ssl">SSLOptions</directive> for details.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf<p><code>SSL_CLIENT_V_REMAIN</code> is only available in version 2.1
8514af9d926a1c330756d11eb71acfcf6e8e56bdjortonand later.</p>
8514af9d926a1c330756d11eb71acfcf6e8e56bdjorton<p>A number of additional environment variables can also be used
f7ac17a355153b91b25db5d526afd752465aa489jortonin <directive>SSLRequire</directive> expressions, or in custom log
f7ac17a355153b91b25db5d526afd752465aa489jortonformats:</p>
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_REFERER QUERY_STRING SERVER_SOFTWARE
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_COOKIE REMOTE_HOST API_VERSION
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_FORWARDED REMOTE_IDENT TIME_YEAR
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_HOST IS_SUBREQ TIME_MON
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_PROXY_CONNECTION DOCUMENT_ROOT TIME_DAY
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_ACCEPT SERVER_ADMIN TIME_HOUR
f7ac17a355153b91b25db5d526afd752465aa489jortonTHE_REQUEST SERVER_NAME TIME_MIN
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_FILENAME SERVER_PORT TIME_SEC
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_METHOD SERVER_PROTOCOL TIME_WDAY
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_SCHEME REMOTE_ADDR TIME
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>In these contexts, two special formats can also be used:</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton <dd>This will expand to the standard environment
f7ac17a355153b91b25db5d526afd752465aa489jorton <dd>This will expand to the value of the request header with name
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<section id="logformats"><title>Custom Log Formats</title>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>When <module>mod_ssl</module> is built into Apache or at least
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveloaded (under DSO situation) additional functions exist for the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="mod_log_config.html#formats">Custom Log Format</a> of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveadditional ``<code>%{</code><em>varname</em><code>}x</code>''
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveeXtension format function which can be used to expand any variables
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprovided by any module, especially those provided by mod_ssl which can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveyou find in the above table.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveFor backward compatibility there is additionally a special
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive``<code>%{</code><em>name</em><code>}c</code>'' cryptography format function
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprovided. Information about this function is provided in the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="/ssl/ssl_compat.html">Compatibility</a> chapter.</p>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton<p><module>mod_ssl</module> sets "notes" for the request which can be
2ff3ef24f2af86bdafd2b4ca698091048e066b28jortonused in logging with the <code>%{<em>name</em>}n</code> format
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton <dd>This note is set to the value <code>1</code> if access was
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton or <directive>SSLRequireSSL</directive> directive.</dd>
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton <dd>If <module>mod_ssl</module> is built against a version of
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton OpenSSL which supports the secure renegotiation extension, this note
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton is set to the value <code>1</code> if SSL is in used for the current
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton connection, and the client also supports the secure renegotiation
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton extension. If the client does not support the secure renegotiation
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton extension, the note is set to the value <code>0</code>.
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton If <module>mod_ssl</module> is not built against a version of
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton OpenSSL which supports secure renegotiation, or if SSL is not in use
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton for the current connection, the note is not set.</dd>
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton<section id="authzproviders"><title>Authorization providers for use with Require</title>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p><module>mod_ssl</module> provides a few authentication providers for use
eac658ceff08fb117e2484d8e16a38c775840b3fsf <directive module="mod_authz_core">Require</directive> directive.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The <code>ssl</code> provider denies access if a connection is not
eac658ceff08fb117e2484d8e16a38c775840b3fsf encrypted with SSL. This is similar to the
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require ssl
eac658ceff08fb117e2484d8e16a38c775840b3fsf <section id="reqverifyclient"><title>Require ssl-verify-client</title>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The <code>ssl</code> provider allows access if the user is
eac658ceff08fb117e2484d8e16a38c775840b3fsf authenticated with a valid client certificate. This is only
eac658ceff08fb117e2484d8e16a38c775840b3fsf useful if <code>SSLVerifyClient optional</code> is in effect.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The following example grants access if the user is authenticated
eac658ceff08fb117e2484d8e16a38c775840b3fsf either with a client certificate or by username and password.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require ssl-verify-client<br/>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh Require valid-user
eac658ceff08fb117e2484d8e16a38c775840b3fsf </example>
eac658ceff08fb117e2484d8e16a38c775840b3fsf<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Type of pass phrase dialog for encrypted private
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivekeys</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveWhen Apache starts up it has to read the various Certificate (see
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCertificateFile</directive>) and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePrivate Key (see <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCertificateKeyFile</directive>) files of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSL-enabled virtual servers. Because for security reasons the Private
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveKey files are usually encrypted, mod_ssl needs to query the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveadministrator for a Pass Phrase in order to decrypt those files. This
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivequery can be done in two ways which can be configured by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the default where an interactive terminal dialog occurs at startup
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive time just before Apache detaches from the terminal. Here the administrator
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive has to manually enter the Pass Phrase for each encrypted Private Key file.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Because a lot of SSL-enabled virtual hosts can be configured, the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive following reuse-scheme is used to minimize the dialog: When a Private Key
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive file is encrypted, all known Pass Phrases (at the beginning there are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive none, of course) are tried. If one of those known Pass Phrases succeeds no
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive dialog pops up for this particular Private Key file. If none succeeded,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive another Pass Phrase is queried on the terminal and remembered for the next
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive round (where it perhaps can be reused).</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This scheme allows mod_ssl to be maximally flexible (because for N encrypted
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Private Key files you <em>can</em> use N different Pass Phrases - but then
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive you have to enter all of them, of course) while minimizing the terminal
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive dialog (i.e. when you use a single Pass Phrase for all N Private Key files
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim <p>This mode allows an external program to be used which acts as a
c668ba618761ec81a1ee079106036454e8a88c96jorton pipe to a particular input device; the program is sent the standard
c668ba618761ec81a1ee079106036454e8a88c96jorton prompt text used for the <code>builtin</code> mode on
c668ba618761ec81a1ee079106036454e8a88c96jorton <code>stdin</code>, and is expected to write password strings on
c668ba618761ec81a1ee079106036454e8a88c96jorton <code>stdout</code>. If several passwords are needed (or an
c668ba618761ec81a1ee079106036454e8a88c96jorton incorrect password is entered), additional prompt text will be
c668ba618761ec81a1ee079106036454e8a88c96jorton written subsequent to the first password being returned, and more
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Here an external program is configured which is called at startup for each
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive encrypted Private Key file. It is called with two arguments (the first is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive of the form ``<code>servername:portnumber</code>'', the second is either
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive ``<code>RSA</code>'' or ``<code>DSA</code>''), which indicate for which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive server and algorithm it has to print the corresponding Pass Phrase to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>stdout</code>. The intent is that this external program first runs
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive security checks to make sure that the system is not compromised by an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive attacker, and only when these checks were passed successfully it provides
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the Pass Phrase.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Both these security checks, and the way the Pass Phrase is determined, can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be as complex as you like. Mod_ssl just defines the interface: an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive executable program which provides the Pass Phrase on <code>stdout</code>.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Nothing more or less! So, if you're really paranoid about security, here
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive is your interface. Anything else has to be left as an exercise to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive administrator, because local security requirements are so different.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive The reuse-algorithm above is used here, too. In other words: The external
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive program is called only once per unique Pass Phrase.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLPassPhraseDialog exec:/usr/local/apache/sbin/pp-filter
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Pseudo Random Number Generator (PRNG) seeding
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivesource</description>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis configures one or more sources for seeding the Pseudo Random Number
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveGenerator (PRNG) in OpenSSL at startup time (<em>context</em> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>startup</code>) and/or just before a new SSL connection is established
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(<em>context</em> is <code>connect</code>). This directive can only be used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the global server context because the PRNG is a global facility.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe following <em>source</em> variants are available:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <p> This is the always available builtin seeding source. It's usage
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive consumes minimum CPU cycles under runtime and hence can be always used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive without drawbacks. The source used for seeding the PRNG contains of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive current time, the current process id and (when applicable) a randomly
cfff4d16bbfcbf7cfe5a33ee394bcd8a17649e93humbedooh chosen 1KB extract of the inter-process scoreboard structure of Apache.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive The drawback is that this is not really a strong source and at startup
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive time (where the scoreboard is still not available) this source just
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive produces a few bytes of entropy. So you should always, at least for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses an external file <code>/path/to/source</code> as the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive source for seeding the PRNG. When <em>bytes</em> is specified, only the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive first <em>bytes</em> number of bytes of the file form the entropy (and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>bytes</em> is given to <code>/path/to/source</code> as the first
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive argument). When <em>bytes</em> is not specified the whole file forms the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy (and <code>0</code> is given to <code>/path/to/source</code> as
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the first argument). Use this especially at startup time, for instance
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>/dev/urandom</code> devices (which usually exist on modern Unix
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive derivatives like FreeBSD and Linux).</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>But be careful</em>: Usually <code>/dev/random</code> provides only as
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive much entropy data as it actually has, i.e. when you request 512 bytes of
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirier entropy, but the device currently has only 100 bytes available two things
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive can happen: On some platforms you receive only the 100 bytes while on
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive other platforms the read blocks until enough bytes are available (which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive can take a long time). Here using an existing <code>/dev/urandom</code> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive better, because it never blocks and actually gives the amount of requested
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive data. The drawback is just that the quality of the received data may not
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be the best.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive On some platforms like FreeBSD one can even control how the entropy is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive actually generated, i.e. by which system interrupts. More details one can
e3b49990cd625a3988a343302f0220aaed3dfb7bigalic find under <em>rndcontrol(8)</em> on those platforms. Alternatively, when
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive your system lacks such a random device, you can use tool
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive like <a href="http://www.lothar.com/tech/crypto/">EGD</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive (Entropy Gathering Daemon) and run it's client program with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>exec:/path/to/program/</code> variant (see below) or use
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>egd:/path/to/egd-socket</code> (see below).</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses an external executable
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>/path/to/program</code> as the source for seeding the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive PRNG. When <em>bytes</em> is specified, only the first
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>bytes</em> number of bytes of its <code>stdout</code> contents
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive form the entropy. When <em>bytes</em> is not specified, the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entirety of the data produced on <code>stdout</code> form the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy. Use this only at startup time when you need a very strong
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive seeding with the help of an external program (for instance as in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the example above with the <code>truerand</code> utility you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive find in the mod_ssl distribution which is based on the AT&T
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>truerand</em> library). Using this in the connection context
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive slows down the server too dramatically, of course. So usually you
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive should avoid using external programs in that context.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses the Unix domain socket of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive external Entropy Gathering Daemon (EGD) (see <a
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh href="http://www.lothar.com/tech/crypto/">http://www.lothar.com/tech
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh /crypto/</a>) to seed the PRNG. Use this if no random device exists
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLRandomSeed startup builtin<br />
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLRandomSeed startup exec:/usr/local/bin/truerand 16<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRandomSeed connect builtin<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Type of the global/inter-process SSL Session
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCache</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis configures the storage type of the global/inter-process SSL Session
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCache. This cache is an optional facility which speeds up parallel request
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprocessing. For requests to the same server process (via HTTP keep-alive),
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveOpenSSL already caches the SSL session information locally. But because modern
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierclients request inlined images and other data via parallel requests (usually
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveup to four parallel requests are common) those requests are served by
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<em>different</em> pre-forked server processes. Here an inter-process cache
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehelps to avoid unnecessary session handshakes.</p>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djortonThe following five storage <em>type</em>s are currently supported:</p>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This disables the global/inter-process Session Cache. This
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton will incur a noticeable speed penalty and may cause problems if
42167da203d969a1402cf7ce09c14586c04af1dfjim using certain browsers, particularly if client certificates are
75394345f1e542f71a0a37c7755070543124af7ejim <p>This disables any global/inter-process Session Cache. However
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive it does force OpenSSL to send a non-null session ID to
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin <p>This makes use of a DBM hashfile on the local disk to
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin synchronize the local OpenSSL memory caches of the server
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton processes. This session cache may suffer reliability issues under
856894d144a15ef1671032a17965bd00b430d311minfrin high load. To use this, ensure that
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton<li><code>shmcb:/path/to/datafile</code>[<code>(</code><em>size</em><code>)</code>]
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This makes use of a high-performance cyclic buffer
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin (approx. <em>size</em> bytes in size) inside a shared memory
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin segment in RAM (established via <code>/path/to/datafile</code>) to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton synchronize the local OpenSSL memory caches of the server
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton processes. This is the recommended session cache. To use this,
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton ensure that <module>mod_socache_shmcb</module> is loaded.</p></li>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton href="http://www.distcache.org/">distcache</a> distributed session
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton caching libraries. The argument should specify the location of
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton the server or proxy to be used using the distcache address syntax;
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin for example, <code>UNIX:/path/to/socket</code> specifies a UNIX
8235b2fec7536f2d4178ba81f6dddb9b5cb8e57eminfrin domain socket (typically a local dc_client proxy);
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <code>IP:server.example.com:9001</code> specifies an IP
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive address. To use this, ensure that
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data(512000)
180b8666f2271cf300f22560ed3d78b30982c097trawick<p>The <code>ssl-cache</code> mutex is used to serialize access to
180b8666f2271cf300f22560ed3d78b30982c097trawickthe session cache to prevent corruption. This mutex can be configured
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveusing the <directive module="core">Mutex</directive> directive.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Number of seconds before an SSL session expires
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the Session Cache</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLSessionCacheTimeout <em>seconds</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the timeout in seconds for the information stored in the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveglobal/inter-process SSL Session Cache and the OpenSSL internal memory cache.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveIt can be set as low as 15 for testing, but should be set to higher
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevalues like 300 in real life.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLSessionCacheTimeout 600
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive toggles the usage of the SSL/TLS Protocol Engine. This
1428f44b421e1c9ee0721b4b709dd10064758c40rbowentype="section">VirtualHost</directive> section to enable SSL/TLS for a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethat virtual host. By default the SSL/TLS Protocol Engine is
1428f44b421e1c9ee0721b4b709dd10064758c40rbowendisabled for both the main server and all configured virtual hosts.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<VirtualHost _default_:443><br />
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLEngine on<br />
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh</VirtualHost>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>In Apache 2.1 and later, <directive>SSLEngine</directive> can be set to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<a href="http://www.ietf.org/rfc/rfc2817.txt">RFC 2817</a>, Upgrading to TLS
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimWithin HTTP/1.1. At this time no web browsers support RFC 2817.</p>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<contextlist><context>server config</context></contextlist>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweThis directive toggles the usage of the SSL library FIPS_mode flag.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweIt must be set in the global server context and cannot be configured
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowewith conflicting settings (SSLFIPS on followed by SSLFIPS off or
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowesimilar). The mode applies to all SSL library operations.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweIf httpd was compiled against an SSL library which did not support
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowethe FIPS_mode flag, <code>SSLFIPS on</code> will fail. Refer to the
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweFIPS 140-2 Security Policy document of the SSL provider library for
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowespecific requirements to use mod_ssl in a FIPS 140-2 approved mode
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweof operation; note that mod_ssl itself is not validated, but may be
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowedescribed as using FIPS 140-2 validated cryptographic module, when
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweall components are assembled and operated under the guidelines imposed
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweby the applicable Security Policy.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe</directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<description>Configure usable SSL/TLS protocol versions</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLProtocol [+|-]<em>protocol</em> ...</syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive can be used to control which versions of the SSL/TLS protocol
610981f18632eeb2fbefd7d59681ebdfcba806fbjortonwill be accepted in new connections.</p>
0827cb14e550f6f65018431c22c2c913631c8f25kbrandThe available (case-insensitive) <em>protocol</em>s are:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the Secure Sockets Layer (SSL) protocol, version 3.0, from
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the Netscape Corporation.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive It is the successor to SSLv2 and the predecessor to TLSv1. It's supported by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the Transport Layer Security (TLS) protocol, version 1.0.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive It is the successor to SSLv3 and is defined in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <a href="http://www.ietf.org/rfc/rfc2246.txt">RFC 2246</a>.</p></li>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand<li><code>TLSv1.1</code> (when using OpenSSL 1.0.1 and later)
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand A revision of the TLS 1.0 protocol, as defined in
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand <a href="http://www.ietf.org/rfc/rfc4346.txt">RFC 4346</a>.</p></li>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand<li><code>TLSv1.2</code> (when using OpenSSL 1.0.1 and later)
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand A revision of the TLS 1.1 protocol, as defined in
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrand <a href="http://www.ietf.org/rfc/rfc5246.txt">RFC 5246</a>.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is a shortcut for ``<code>+SSLv3 +TLSv1</code>'' or
0827cb14e550f6f65018431c22c2c913631c8f25kbrand - when using OpenSSL 1.0.1 and later -
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive ``<code>+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2</code>, respectively.</p></li>
a1de5cf47c9ccfbf493264e8a3fa7ddd5a9c80d1kbrandSSLProtocol TLSv1
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh</directivesynopsis>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Cipher Suite available for negotiation in SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehandshake</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<default>SSLCipherSuite DEFAULT (depends on OpenSSL version)</default>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis complex directive uses a colon-separated <em>cipher-spec</em> string
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconsisting of OpenSSL cipher specifications to configure the Cipher Suite the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclient is permitted to negotiate in the SSL handshake phase. Notice that this
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedirective can be used both in per-server and per-directory context. In
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-server context it applies to the standard SSL handshake when a connection
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveis established. In per-directory context it forces a SSL renegotiation with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivereconfigured Cipher Suite after the HTTP request was read but before the HTTP
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveresponse is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAn SSL cipher specification in <em>cipher-spec</em> is composed of 4 major
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierattributes plus a few extra minor ones:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive RSA or Diffie-Hellman variants.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive RSA, Diffie-Hellman, DSS or none.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive DES, Triple-DES, RC4, RC2, IDEA or none.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive MD5, SHA or SHA1.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>An SSL cipher can also be an export cipher and is either an SSLv2 or SSLv3/TLSv1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecipher (here TLSv1 is equivalent to SSLv3). To specify which ciphers to use,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveone can either specify all the Ciphers, one at a time, or use aliases to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivespecify the preference and order for the ciphers (see <a href="#table1">Table
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<columnspec><column width=".5"/><column width=".5"/></columnspec>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<tr><th><a name="table1">Tag</a></th> <th>Description</th></tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<tr><td colspan="2"><em>Key Exchange Algorithm:</em></td></tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<tr><td><code>kRSA</code></td> <td>RSA key exchange</td></tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>kDHr</code></td> <td>Diffie-Hellman key exchange with RSA key</td></tr>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<tr><td><code>kDHd</code></td> <td>Diffie-Hellman key exchange with DSA key</td></tr>
984276e3760754bae346208618ad01194ddd4e73rbowen<tr><td><code>kEDH</code></td> <td>Ephemeral (temp.key) Diffie-Hellman key exchange (no cert)</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Authentication Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aNULL</code></td> <td>No authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aRSA</code></td> <td>RSA authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aDSS</code></td> <td>DSS authentication</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aDH</code></td> <td>Diffie-Hellman authentication</td></tr>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf<tr><td colspan="2"><em>Cipher Encoding Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>eNULL</code></td> <td>No encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DES</code></td> <td>DES encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>3DES</code></td> <td>Triple-DES encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RC4</code></td> <td>RC4 encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RC2</code></td> <td>RC2 encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>IDEA</code></td> <td>IDEA encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>MAC Digest Algorithm</em>:</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>MD5</code></td> <td>MD5 hash function</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SHA1</code></td> <td>SHA1 hash function</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SHA</code></td> <td>SHA hash function</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSLv2</code></td> <td>all SSL version 2.0 ciphers</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSLv3</code></td> <td>all SSL version 3.0 ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>TLSv1</code></td> <td>all TLS version 1.0 ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP</code></td> <td>all export ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXPORT40</code></td> <td>all 40-bit export ciphers only</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXPORT56</code></td> <td>all 56-bit export ciphers only</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>LOW</code></td> <td>all low strength ciphers (no export, single DES)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>MEDIUM</code></td> <td>all ciphers with 128 bit encryption</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>HIGH</code></td> <td>all ciphers using Triple-DES</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RSA</code></td> <td>all ciphers using RSA key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DH</code></td> <td>all ciphers using Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH</code></td> <td>all ciphers using Ephemeral Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>ADH</code></td> <td>all ciphers using Anonymous Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DSS</code></td> <td>all ciphers using DSS authentication</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>NULL</code></td> <td>all ciphers using no encryption</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikjNow where this becomes interesting is that these can be put together
a5da9d9dfc593837aca771df70ad124a37e22abapatrikjto specify the order and ciphers you wish to use. To speed this up
099c357f282d4aebf2b32264f7dce6ffc0497c37sfthere are also aliases (<code>SSLv2, SSLv3, TLSv1, EXP, LOW, MEDIUM,
a5da9d9dfc593837aca771df70ad124a37e22abapatrikjHIGH</code>) for certain groups of ciphers. These tags can be joined
a5da9d9dfc593837aca771df70ad124a37e22abapatrikjtogether with prefixes to form the <em>cipher-spec</em>. Available
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprefixes are:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>+</code>: add ciphers to list and pull them to current location in list</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>-</code>: remove cipher from list (can be added later again)</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>!</code>: kill cipher from list completely (can <strong>not</strong> be added later again)</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>A simpler way to look at all of this is to use the ``<code>openssl ciphers
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive-v</code>'' command which provides a nice way to successively create the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecorrect <em>cipher-spec</em> string. The default <em>cipher-spec</em> string
21d80c75366197941f9b957a89b3e988f6f963cedruggeridepends on the version of the OpenSSL libraries used. Let's suppose it is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive``<code>ALL:!aNULL:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP</code>'' which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemeans the following: first, remove from consideration any ciphers that do not
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthenticate, i.e. for SSL the Anonymous Diffie-Hellman ciphers. Next,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveuse ciphers using RC4 and RSA. Next include the high, medium and then the low
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivesecurity ciphers. Finally <em>pull</em> all SSLv2 and export ciphers to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveend of the list.</p>
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalic$ openssl ciphers -v 'ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicNULL-SHA SSLv3 Kx=RSA Au=RSA Enc=None Mac=SHA1
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicNULL-MD5 SSLv3 Kx=RSA Au=RSA Enc=None Mac=MD5
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicEDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalic... ... ... ... ...
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicEXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEXP-RC2-CBC-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalic<p>The complete list of particular RSA & DH ciphers for SSL is given in <a
6b704dc95deb1bd3da4498bfa7939018fa8973dfigalicSSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<columnspec><column width=".3"/><column width=".1"/><column width=".13"/>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<column width=".1"/><column width=".13"/><column width=".1"/>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<tr><th><a name="table2">Cipher-Tag</a></th> <th>Protocol</th> <th>Key Ex.</th> <th>Auth.</th> <th>Enc.</th> <th>MAC</th> <th>Type</th> </tr>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<tr><td><code>DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<tr><td><code>DES-CBC3-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>3DES(168)</td> <td>MD5</td> <td></td> </tr>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<tr><td><code>IDEA-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>IDEA(128)</td> <td>SHA1</td> <td></td> </tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<tr><td><code>RC4-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-MD5</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<tr><td><code>IDEA-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>IDEA(128)</td> <td>MD5</td> <td></td> </tr>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<tr><td><code>RC2-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>RC2(128)</td> <td>MD5</td> <td></td> </tr>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<tr><td><code>RC4-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
984276e3760754bae346208618ad01194ddd4e73rbowen<tr><td><code>DES-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RC4-64-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>RC4(64)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>DES(56)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-RC2-CBC-MD5</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>RC2(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-RC4-MD5</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-RC2-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA(512)</td> <td>RSA</td> <td>RC2(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-RC4-MD5</code></td> <td>SSLv2</td> <td>RSA(512)</td> <td>RSA</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>NULL-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>None</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>NULL-MD5</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>None</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td colspan="7"><em>Diffie-Hellman Ciphers:</em></td></tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>ADH-RC4-MD5</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH-RSA-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>RSA</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH-DSS-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>DSS</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH-RSA-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>RSA</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH-DSS-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>DSS</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-EDH-RSA-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>RSA</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-EDH-DSS-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>DSS</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-ADH-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>None</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EXP-ADH-RC4-MD5</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>None</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele</directivesynopsis>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<directivesynopsis>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<description>Server PEM-encoded X.509 Certificate file</description>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<syntax>SSLCertificateFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive points to the PEM-encoded Certificate file for the server and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptionally also to the corresponding RSA or DSA Private Key file for it
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(contained in the same file). If the contained Private Key is encrypted the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePass Phrase dialog is forced at startup time. This directive can be used up to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivetwo times (referencing different filenames) when both a RSA and a DSA based
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver certificate is used in parallel.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Server PEM-encoded Private Key file</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCertificateKeyFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive points to the PEM-encoded Private Key file for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver. If the Private Key is not combined with the Certificate in the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive>SSLCertificateFile</directive>, use this additional directive to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivepoint to the file with the stand-alone Private Key. When
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive>SSLCertificateFile</directive> is used and the file
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontains both the Certificate and the Private Key this directive need
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivenot be used. But we strongly discourage this practice. Instead we
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverecommend you to separate the Certificate and the Private Key. If the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontained Private Key is encrypted, the Pass Phrase dialog is forced
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveat startup time. This directive can be used up to two times
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(referencing different filenames) when both a RSA and a DSA based
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprivate key is used in parallel.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of PEM-encoded Server CA Certificates</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCertificateChainFile <em>file-path</em></syntax>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohThis directive sets the optional <em>all-in-one</em> file where you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveassemble the certificates of Certification Authorities (CA) which form the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate chain of the server certificate. This starts with the issuing CA
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate of the server certificate and can range up to the root CA
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate. Such a file is simply the concatenation of the various
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePEM-encoded CA Certificate files, usually in certificate chain order.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis should be used alternatively and/or additionally to <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCACertificatePath</directive> for explicitly
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconstructing the server certificate chain which is sent to the browser
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein addition to the server certificate. It is especially useful to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveavoid conflicts with CA certificates when using client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication. Because although placing a CA certificate of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver certificate chain into <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCACertificatePath</directive> has the same effect
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor the certificate chain construction, it has the side-effect that
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclient certificates issued by this same CA certificate are also
38283aab65389dd92a565cc907fa620b309ea26blgentisaccepted on client authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveBut be careful: Providing the certificate chain works only if you are using a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>single</em> RSA <em>or</em> DSA based server certificate. If you are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveusing a coupled RSA+DSA certificate pair, this will work only if actually both
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificates use the <em>same</em> certificate chain. Else the browsers will be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconfused in this situation.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/ca.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Directory of PEM-encoded CA Certificates for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
60d4e69911c2076d97a593f75947d53173a7a02anoodl<syntax>SSLCACertificatePath <em>directory-path</em></syntax>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleThis directive sets the directory where you keep the Certificates of
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohCertification Authorities (CAs) whose clients you deal with. These are used to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveverify the client certificate on Client Authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe files in this directory have to be PEM-encoded and are accessed through
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehash filenames. So usually you can't just place the Certificate files
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethere: you also have to create symbolic links named
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>hash-value</em><code>.N</code>. And you should always make sure this directory
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimcontains the appropriate symbolic links.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of concatenated PEM-encoded CA Certificates
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor Client Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCACertificateFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the <em>all-in-one</em> file where you can assemble the
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohCertificates of Certification Authorities (CA) whose <em>clients</em> you deal
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabelewith. These are used for Client Authentication. Such a file is simply the
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohconcatenation of the various PEM-encoded Certificate files, in order of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivepreference. This can be used alternatively and/or additionally to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCACertificatePath</directive>.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-client.crt
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of concatenated PEM-encoded CA Certificates
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor defining acceptable CA names</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>When a client certificate is requested by mod_ssl, a list of
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<em>acceptable Certificate Authority names</em> is sent to the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the SSL handshake. These CA names can be used by the client to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveselect an appropriate client certificate out of those it has
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohavailable.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCADNRequestPath</directive> or <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCADNRequestFile</directive> are given, then the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveset of acceptable CA names sent to the client is the names of all the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCA certificates given by the <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCACertificateFile</directive> and <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCACertificatePath</directive> directives; in other
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimwords, the names of the CAs which will actually be used to verify the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonclient certificate.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>In some circumstances, it is useful to be able to send a set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonacceptable CA names which differs from the actual CAs used to verify
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthe client certificate - for example, if the client certificates are
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonsigned by intermediate CAs. In such cases, <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestPath</directive> and/or <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> can be used; the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonacceptable CA names are then taken from the complete set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortoncertificates in the directory and/or file specified by this pair of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondirectives.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p><directive module="mod_ssl">SSLCADNRequestFile</directive> must
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonspecify an <em>all-in-one</em> file containing a concatenation of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonPEM-encoded CA certificates.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonSSLCADNRequestFile /usr/local/apache2/conf/ca-names.crt
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<description>Directory of PEM-encoded CA Certificates for
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondefining acceptable CA names</description>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<syntax>SSLCADNRequestPath <em>directory-path</em></syntax>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>This optional directive can be used to specify the set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>acceptable CA names</em> which will be sent to the client when a
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonclient certificate is requested. See the <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> directive for more
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondetails.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>The files in this directory have to be PEM-encoded and are accessed
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohthrough hash filenames. So usually you can't just place the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonCertificate files there: you also have to create symbolic links named
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>hash-value</em><code>.N</code>. And you should always make sure
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthis directory contains the appropriate symbolic links.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonSSLCADNRequestPath /usr/local/apache2/conf/ca-names.crt/
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<description>Directory of PEM-encoded CA CRLs for
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonClient Auth</description>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<syntax>SSLCARevocationPath <em>directory-path</em></syntax>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonThis directive sets the directory where you keep the Certificate Revocation
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonLists (CRL) of Certification Authorities (CAs) whose clients you deal with.
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonThese are used to revoke the client certificate on Client Authentication.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonThe files in this directory have to be PEM-encoded and are accessed through
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowenhash filenames. So usually you have not only to place the CRL files there.
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonAdditionally you have to create symbolic links named
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortoncontains the appropriate symbolic links.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of concatenated PEM-encoded CA CRLs for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCARevocationFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the <em>all-in-one</em> file where you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveassemble the Certificate Revocation Lists (CRL) of Certification
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAuthorities (CA) whose <em>clients</em> you deal with. These are used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor Client Authentication. Such a file is simply the concatenation of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe various PEM-encoded CRL files, in order of preference. This can be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-client.crl
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Enable CRL-based revocation checking</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEnables certificate revocation list (CRL) checking. At least one of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCARevocationFile</directive>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveor <directive module="mod_ssl">SSLCARevocationPath</directive> must be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconfigured. When set to <code>chain</code> (recommended setting),
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCRL checks are applied to all certificates in the chain, while setting it to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>leaf</code> limits the checks to the end-entity cert.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<title>When set to <code>chain</code> or <code>leaf</code>,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCRLs <em>must</em> be available for successful validation</title>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohPrior to version 2.3.15, CRL checking in mod_ssl also succeeded when
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleno CRL(s) were found in any of the locations configured with
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<directive module="mod_ssl">SSLCARevocationFile</directive>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveor <directive module="mod_ssl">SSLCARevocationPath</directive>.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveWith the introduction of this directive, the behavior has been changed:
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivewhen checking is enabled, CRLs <em>must</em> be present for the validation
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto succeed - otherwise it will fail with an
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLCARevocationCheck chain
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand</directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<description>Type of Client Certificate verification</description>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandThis directive sets the Certificate verification level for the Client
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandAuthentication. Notice that this directive can be used both in per-server and
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandper-directory context. In per-server context it applies to the client
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandauthentication process used in the standard SSL handshake when a connection is
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandestablished. In per-directory context it forces a SSL renegotiation with the
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandreconfigured client verification level after the HTTP request was read but
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandbefore the HTTP response is sent.</p>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandThe following levels are available for <em>level</em>:</p>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand no client Certificate is required at all</li>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand the client <em>may</em> present a valid Certificate</li>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand the client <em>has to</em> present a valid Certificate</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client may present a valid Certificate<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive but it need not to be (successfully) verifiable.</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>require</strong> are really interesting, because level
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>optional</strong> doesn't work with all browsers and level
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>optional_no_ca</strong> is actually against the idea of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication (but can be used to establish SSL test pages, etc.)</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLVerifyClient require
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Maximum depth of CA Certificates in Client
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierCertificate verification</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets how deeply mod_ssl should verify before deciding that the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclients don't have a valid certificate. Notice that this directive can be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveused both in per-server and per-directory context. In per-server context it
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveapplies to the client authentication process used in the standard SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehandshake when a connection is established. In per-directory context it forces
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivea SSL renegotiation with the reconfigured client verification depth after the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHTTP request was read but before the HTTP response is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe depth actually is the maximum number of intermediate certificate issuers,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivei.e. the number of CA certificates which are max allowed to be followed while
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveverifying the client certificate. A depth of 0 means that self-signed client
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohcertificates are accepted only, the default depth of 1 means the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate can be self-signed or has to be signed by a CA which is directly
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohknown to the server (i.e. the CA's certificate is under
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCACertificatePath</directive>), etc.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLVerifyDepth 10
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Configure various SSL engine run-time options</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive can be used to control various run-time options on a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-directory basis. Normally, if multiple <code>SSLOptions</code>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecould apply to a directory, then the most specific one is taken
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecompletely; the options are not merged. However if <em>all</em> the
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirieroptions on the <code>SSLOptions</code> directive are preceded by a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveplus (<code>+</code>) or minus (<code>-</code>) symbol, the options
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare merged. Any options preceded by a <code>+</code> are added to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptions currently in force, and any options preceded by a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>-</code> are removed from the options currently in force.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, the standard set of SSL related CGI/SSI
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh environment variables are created. This per default is disabled for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive performance reasons, because the information extraction step is a
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh rather expensive operation. So one usually enables this option for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive CGI and SSI requests only.</p>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf When this option is enabled, additional CGI/SSI environment variables are
099c357f282d4aebf2b32264f7dce6ffc0497c37sf created: <code>SSL_SERVER_CERT</code>, <code>SSL_CLIENT_CERT</code> and
099c357f282d4aebf2b32264f7dce6ffc0497c37sf <code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em> (with <em>n</em> = 0,1,2,..).
099c357f282d4aebf2b32264f7dce6ffc0497c37sf These contain the PEM-encoded X.509 Certificates of server and client for
099c357f282d4aebf2b32264f7dce6ffc0497c37sf the current HTTPS connection and can be used by CGI scripts for deeper
099c357f282d4aebf2b32264f7dce6ffc0497c37sf Certificate checking. Additionally all other certificates of the client
e609ac39f206eb484d7d609a6a50369b1abbe112sf certificate chain are provided, too. This bloats up the environment a
e609ac39f206eb484d7d609a6a50369b1abbe112sf little bit which is why you have to use this option to enable it on
099c357f282d4aebf2b32264f7dce6ffc0497c37sf demand.</p>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf When this option is enabled, the Subject Distinguished Name (DN) of the
099c357f282d4aebf2b32264f7dce6ffc0497c37sf Client X509 Certificate is translated into a HTTP Basic Authorization
099c357f282d4aebf2b32264f7dce6ffc0497c37sf username. This means that the standard Apache authentication methods can
099c357f282d4aebf2b32264f7dce6ffc0497c37sf be used for access control. The user name is just the Subject of the
099c357f282d4aebf2b32264f7dce6ffc0497c37sf Client's X509 Certificate (can be determined by running OpenSSL's
e609ac39f206eb484d7d609a6a50369b1abbe112sf <code>openssl x509</code> command: <code>openssl x509 -noout -subject -in
e609ac39f206eb484d7d609a6a50369b1abbe112sf </code><em>certificate</em><code>.crt</code>). Note that no password is
e609ac39f206eb484d7d609a6a50369b1abbe112sf obtained from the user. Every entry in the user file needs this password:
e609ac39f206eb484d7d609a6a50369b1abbe112sf ``<code>xxj31ZMTZzkVA</code>'', which is the DES-encrypted version of the
e609ac39f206eb484d7d609a6a50369b1abbe112sf word `<code>password</code>''. Those who live under MD5-based encryption
e609ac39f206eb484d7d609a6a50369b1abbe112sf (for instance under FreeBSD or BSD/OS, etc.) should use the following MD5
e609ac39f206eb484d7d609a6a50369b1abbe112sf hash of the same word: ``<code>$1$OXLyS...$Owx8s2/m9/gfkcRVXzgoE/</code>''.</p>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf This <em>forces</em> forbidden access when <code>SSLRequireSSL</code> or
099c357f282d4aebf2b32264f7dce6ffc0497c37sf <code>SSLRequire</code> successfully decided that access should be
099c357f282d4aebf2b32264f7dce6ffc0497c37sf forbidden. Usually the default is that in the case where a ``<code>Satisfy
099c357f282d4aebf2b32264f7dce6ffc0497c37sf any</code>'' directive is used, and other access restrictions are passed,
099c357f282d4aebf2b32264f7dce6ffc0497c37sf <code>SSLRequire</code> is overridden (because that's how the Apache
099c357f282d4aebf2b32264f7dce6ffc0497c37sf <code>Satisfy</code> mechanism should work.) But for strict access restriction
099c357f282d4aebf2b32264f7dce6ffc0497c37sf you can use <code>SSLRequireSSL</code> and/or <code>SSLRequire</code> in
e609ac39f206eb484d7d609a6a50369b1abbe112sf combination with an ``<code>SSLOptions +StrictRequire</code>''. Then an
e609ac39f206eb484d7d609a6a50369b1abbe112sf additional ``<code>Satisfy Any</code>'' has no chance once mod_ssl has
099c357f282d4aebf2b32264f7dce6ffc0497c37sf decided to deny access.</p>
099c357f282d4aebf2b32264f7dce6ffc0497c37sf This enables optimized SSL connection renegotiation handling when SSL
099c357f282d4aebf2b32264f7dce6ffc0497c37sf directives are used in per-directory context. By default a strict
099c357f282d4aebf2b32264f7dce6ffc0497c37sf scheme is enabled where <em>every</em> per-directory reconfiguration of
099c357f282d4aebf2b32264f7dce6ffc0497c37sf SSL parameters causes a <em>full</em> SSL renegotiation handshake. When this
099c357f282d4aebf2b32264f7dce6ffc0497c37sf option is used mod_ssl tries to avoid unnecessary handshakes by doing more
099c357f282d4aebf2b32264f7dce6ffc0497c37sf granular (but still safe) parameter checks. Nevertheless these granular
099c357f282d4aebf2b32264f7dce6ffc0497c37sf checks sometimes maybe not what the user expects, so enable this on a
099c357f282d4aebf2b32264f7dce6ffc0497c37sf per-directory basis only, please.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This option influences how values of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>SSL_{CLIENT,SERVER}_{I,S}_DN</code> variables are formatted. Since
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive version 2.3.11, Apache HTTPD uses a RFC 2253 compatible format by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive default. This uses commas as delimiters between the attributes, allows the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive use of non-ASCII characters (which are converted to UTF8), escapes
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive various special characters with backslashes, and sorts the attributes
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive with the "C" attribute last.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <p>If <code>LegacyDNStringFormat</code> is set, the old format will be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive used which sorts the "C" attribute first, uses slashes as separators, and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive does not handle non-ASCII and special characters in any consistent way.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLOptions +FakeBasicAuth -StrictRequire<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<Files ~ "\.(cgi|shtml)$"><br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive SSLOptions +StdEnvVars -ExportCertData<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<Files>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Deny access when SSL is not used for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHTTP request</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive forbids access unless HTTP over SSL (i.e. HTTPS) is enabled for
256c9fec76025218e564ad19e100d4a38da10f42jortonthe current connection. This is very handy inside the SSL-enabled virtual
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehost or directories for defending against configuration errors that expose
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivestuff that should be protected. When this directive is present all requests
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare denied which are not using SSL.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRequireSSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Allow access only when an arbitrarily complex
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveboolean expression is true</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p><code>SSLRequire</code> is deprecated and should in general be replaced
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveby <a href="mod_authz_core.html#reqexpr">Require expr</a>. The so called
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<a href="/expr.html">ap_expr</a> syntax of <code>Require expr</code> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivea superset of the syntax of <code>SSLRequire</code>, with the following
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveexception:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>In <code>SSLRequire</code>, the comparison operators <code><</code>,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code><=</code>, ... are completely equivalent to the operators
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>lt</code>, <code>le</code>, ... and work in a somewhat pecular way that
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefirst compares the length of two strings and then the lexical order.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveOn the other hand, <a href="/expr.html">ap_expr</a> has two sets of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code><=</code>, ... do lexical string comparison, while the operators
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>-lt</code>, <code>-le</code>, ... do integer comparison.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveFor the latter, there are also aliases without the leading dashes:
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive specifies a general access requirement which has to be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefulfilled in order to allow access. It is a very powerful directive because the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverequirement specification is an arbitrarily complex boolean expression
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontaining any number of access checks.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esfThe <em>expression</em> must match the following syntax (given as a BNF
1b1621900bd89ddc496d721c865a726f635ebd7esfgrammar notation):</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf<blockquote>
1b1621900bd89ddc496d721c865a726f635ebd7esfexpr ::= "<strong>true</strong>" | "<strong>false</strong>"
1b1621900bd89ddc496d721c865a726f635ebd7esfcomp ::= word "<strong>==</strong>" word | word "<strong>eq</strong>" word
1b1621900bd89ddc496d721c865a726f635ebd7esf | word "<strong>!=</strong>" word | word "<strong>ne</strong>" word
1b1621900bd89ddc496d721c865a726f635ebd7esf | word "<strong><</strong>" word | word "<strong>lt</strong>" word
1b1621900bd89ddc496d721c865a726f635ebd7esf | word "<strong><=</strong>" word | word "<strong>le</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>></strong>" word | word "<strong>gt</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>>=</strong>" word | word "<strong>ge</strong>" word
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh | word "<strong>in</strong>" "<strong>{</strong>" wordlist "<strong>}</strong>"
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh | word "<strong>in</strong>" "<strong>PeerExtList(</strong>" word "<strong>)</strong>"
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohwordlist ::= word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveword ::= digit
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedigit ::= [0-9]+
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecstring ::= "..."
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevariable ::= "<strong>%{</strong>" varname "<strong>}</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefunction ::= funcname "<strong>(</strong>" funcargs "<strong>)</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</blockquote>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>For <code>varname</code> any of the variables described in <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="#envvars">Environment Variables</a> can be used. For
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>funcname</code> the available functions are listed in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe <a href="/expr.html#functions">ap_expr documentation</a>.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>Notice that <em>expression</em> is first parsed into an internal machine
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverepresentation and then evaluated in a second step. Actually, in Global and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePer-Server Class context <em>expression</em> is parsed at startup time and
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohat runtime only the machine representation is executed. For Per-Directory
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontext this is different: here <em>expression</em> has to be parsed and
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohimmediately executed for every request.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<pre>SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/</pre>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>The <code>PeerExtList(<em>object-ID</em>)</code> function expects
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto find zero or more instances of the X.509 certificate extension
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveidentified by the given <em>object ID</em> (OID) in the client certificate.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe expression evaluates to true if the left-hand side string matches
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveexactly against the value of an extension identified with this OID.
d89cc405921b7b09b615a0a96afde552638198ecrbowen(If multiple extensions with the same OID are present, at least one
d89cc405921b7b09b615a0a96afde552638198ecrbowenextension must match).</p>
d89cc405921b7b09b615a0a96afde552638198ecrbowenSSLRequire "foobar" in PeerExtList("1.2.3.4.5.6")
d89cc405921b7b09b615a0a96afde552638198ecrbowen<note><title>Notes on the PeerExtList function</title>
d89cc405921b7b09b615a0a96afde552638198ecrbowen<li><p>The object ID can be specified either as a descriptive
d89cc405921b7b09b615a0a96afde552638198ecrbowenname recognized by the SSL library, such as <code>"nsComment"</code>,
d89cc405921b7b09b615a0a96afde552638198ecrbowenor as a numeric OID, such as <code>"1.2.3.4.5.6"</code>.</p></li>
d89cc405921b7b09b615a0a96afde552638198ecrbowen<li><p>Expressions with types known to the SSL library are rendered to
d89cc405921b7b09b615a0a96afde552638198ecrbowena string before comparison. For an extension with a type not
d89cc405921b7b09b615a0a96afde552638198ecrbowenrecognized by the SSL library, mod_ssl will parse the value if it is
d89cc405921b7b09b615a0a96afde552638198ecrbowenone of the primitive ASN.1 types UTF8String, IA5String, VisibleString,
d89cc405921b7b09b615a0a96afde552638198ecrbowenor BMPString. For an extension of one of these types, the string
d89cc405921b7b09b615a0a96afde552638198ecrbowenvalue will be converted to UTF-8 if necessary, then compared against
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<seealso><a href="/env.html">Environment Variables in Apache HTTP Server</a>,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor additional examples.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<seealso><a href="mod_authz_core.html#reqexpr">Require expr</a></seealso>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<seealso><a href="/expr.html">Generic expression syntax in Apache HTTP Server</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Set the size for the SSL renegotiation buffer</description>
e1c1bf4d7684950ea2a31a0419dc46991ec539abmartin<p>If an SSL renegotiation is required in per-location context, for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveexample, any use of <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLVerifyClient</directive> in a Directory or
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveLocation block, then <module>mod_ssl</module> must buffer any HTTP
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverequest body into memory until the new SSL handshake can be performed.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive can be used to set the amount of memory that will be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveused for this buffer. </p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveNote that in many configurations, the client sending the request body
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivewill be untrusted so a denial of service attack by consumption of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivememory must be considered when changing this configuration setting.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRenegBufferSize 262144
f7ac17a355153b91b25db5d526afd752465aa489jorton</directivesynopsis>
02c4e4fe19f1120c6bdf561950ab60077c61cc5fsf<directivesynopsis>
02c4e4fe19f1120c6bdf561950ab60077c61cc5fsf<description>Whether to allow non-SNI clients to access a name-based virtual
3c9e475ff9f299438960543e1ec28c10d4bf2570covener</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<compatibility>Available in Apache 2.2.12 and later</compatibility>
f7ac17a355153b91b25db5d526afd752465aa489jortonThis directive sets whether a non-SNI client is allowed to access a name-based
f7ac17a355153b91b25db5d526afd752465aa489jortonvirtual host. If set to <code>on</code> in the default name-based virtual
f7ac17a355153b91b25db5d526afd752465aa489jortonhost, clients that are SNI unaware will not be allowed to access <em>any</em>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohvirtual host, belonging to this particular IP / port combination.
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohIf set to <code>on</code> in any other virtual host, SNI unaware clients
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare not allowed to access this particular virtual host.
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonThis option is only available if httpd was compiled against an SNI capable
f7ac17a355153b91b25db5d526afd752465aa489jortonversion of OpenSSL.
f7ac17a355153b91b25db5d526afd752465aa489jortonSSLStrictSNIVHostCheck on
f7ac17a355153b91b25db5d526afd752465aa489jorton</directivesynopsis>
f7ac17a355153b91b25db5d526afd752465aa489jorton<directivesynopsis>
f7ac17a355153b91b25db5d526afd752465aa489jorton<description>Directory of PEM-encoded client certificates and keys to be used by the proxy</description>
f7ac17a355153b91b25db5d526afd752465aa489jorton<syntax>SSLProxyMachineCertificatePath <em>directory</em></syntax>
f7ac17a355153b91b25db5d526afd752465aa489jorton<contextlist><context>server config</context></contextlist>
f7ac17a355153b91b25db5d526afd752465aa489jortonThis directive sets the directory where you keep the certificates and
f7ac17a355153b91b25db5d526afd752465aa489jortonkeys used for authentication of the proxy server to remote servers.
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>The files in this directory must be PEM-encoded and are accessed through
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonhash filenames. Additionally, you must create symbolic links named
f7ac17a355153b91b25db5d526afd752465aa489jorton<code><em>hash-value</em>.N</code>. And you should always make sure this
f7ac17a355153b91b25db5d526afd752465aa489jortondirectory contains the appropriate symbolic links.</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>Currently there is no support for encrypted private keys</p>
f7ac17a355153b91b25db5d526afd752465aa489jortonSSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/
f28cb43e0ae51d68dee099bbf7ddbc84252cbd7eigalic</directivesynopsis>
6b61d4aa37ff7f6281bec53463ba667e461c7efesf<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of concatenated PEM-encoded client certificates and keys to be used by the proxy</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLProxyMachineCertificateFile <em>filename</em></syntax>
0eead7b938755d271961071a208b9934617ecedfrpluem<contextlist><context>server config</context></contextlist>
0eead7b938755d271961071a208b9934617ecedfrpluemThis directive sets the all-in-one file where you keep the certificates and
0eead7b938755d271961071a208b9934617ecedfrpluemkeys used for authentication of the proxy server to remote servers.
0eead7b938755d271961071a208b9934617ecedfrpluemThis referenced file is simply the concatenation of the various PEM-encoded
53dc45378bd4ed291a736a89089387f48b9005f1jortoncertificate files, in order of preference. Use this directive alternatively
53dc45378bd4ed291a736a89089387f48b9005f1jortonor additionally to <code>SSLProxyMachineCertificatePath</code>.
53dc45378bd4ed291a736a89089387f48b9005f1jorton<p>Currently there is no support for encrypted private keys</p>
53dc45378bd4ed291a736a89089387f48b9005f1jortonSSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem
53dc45378bd4ed291a736a89089387f48b9005f1jorton</directivesynopsis>
53dc45378bd4ed291a736a89089387f48b9005f1jorton<directivesynopsis>
53dc45378bd4ed291a736a89089387f48b9005f1jorton<description>File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate</description>
0eead7b938755d271961071a208b9934617ecedfrpluem<syntax>SSLProxyMachineCertificateChainFile <em>filename</em></syntax>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<contextlist><context>server config</context></contextlist>
0eead7b938755d271961071a208b9934617ecedfrpluemThis directive sets the all-in-one file where you keep the certificate chain
0eead7b938755d271961071a208b9934617ecedfrpluemfor all of the client certs in use. This directive will be needed if the
e3715027f352040ef98da03359b00f13ddb506cbrpluemremote server presents a list of CA certificates that are not direct signers
e3715027f352040ef98da03359b00f13ddb506cbrpluemof one of the configured client certificates.
e3715027f352040ef98da03359b00f13ddb506cbrpluemThis referenced file is simply the concatenation of the various PEM-encoded
e3715027f352040ef98da03359b00f13ddb506cbrpluemcertificate files. Upon startup, each client certificate configured will
e3715027f352040ef98da03359b00f13ddb506cbrpluembe examined and a chain of trust will be constructed.
b4f25203520c168e2df9f7d83024db09e68efe7ecovener<p>If this directive is enabled, all of the certificates in the file will be
e3715027f352040ef98da03359b00f13ddb506cbrpluemtrusted as if they were also in <directive module="mod_ssl">
1fd5131d5732e639b0b4225ca0afea717c41bc11trawickSSLProxyMachineCertificateChainFile /usr/local/apache2/conf/ssl.crt/proxyCA.pem
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalic</directivesynopsis>
e3715027f352040ef98da03359b00f13ddb506cbrpluem<directivesynopsis>
e3715027f352040ef98da03359b00f13ddb506cbrpluem<description>Type of remote server Certificate verification</description>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<p>When a proxy is configured to forward requests to a remote SSL
e3715027f352040ef98da03359b00f13ddb506cbrpluemserver, this directive can be used to configure certificate
e3715027f352040ef98da03359b00f13ddb506cbrpluemverification of the remote server. </p>
e3715027f352040ef98da03359b00f13ddb506cbrpluemThe following levels are available for <em>level</em>:</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads no remote server Certificate is required at all</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server <em>may</em> present a valid Certificate</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server <em>has to</em> present a valid Certificate</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server may present a valid Certificate<br />
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads but it need not to be (successfully) verifiable.</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>require</strong> are really interesting, because level
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>optional</strong> doesn't work with all servers and level
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>optional_no_ca</strong> is actually against the idea of
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowenauthentication (but can be used to establish SSL test pages, etc.)</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsSSLProxyVerify require
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh</directivesynopsis>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<description>Maximum depth of CA Certificates in Remote Server
d99faa99674be527e7fcc0ab5903463be779934drbowenCertificate verification</description>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets how deeply mod_ssl should verify before deciding that the
d99faa99674be527e7fcc0ab5903463be779934drbowenremote server does not have a valid certificate. </p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe depth actually is the maximum number of intermediate certificate issuers,
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsi.e. the number of CA certificates which are max allowed to be followed while
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsverifying the remote server certificate. A depth of 0 means that self-signed
d99faa99674be527e7fcc0ab5903463be779934drbowenremote server certificates are accepted only, the default depth of 1 means
d99faa99674be527e7fcc0ab5903463be779934drbowenthe remote server certificate can be self-signed or has to be signed by a CA
d99faa99674be527e7fcc0ab5903463be779934drbowenwhich is directly known to the server (i.e. the CA's certificate is under
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLProxyCACertificatePath</directive>), etc.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyVerifyDepth 10
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads</directivesynopsis>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<directivesynopsis>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<description>Whether to check if remote server certificate is expired
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads</description>
44985e4f931d3a75a7e5108705010cc21605ee34druggeriThis directive sets whether it is checked if the remote server certificate
44985e4f931d3a75a7e5108705010cc21605ee34druggeriis expired or not. If the check fails a 502 status code (Bad Gateway) is
44985e4f931d3a75a7e5108705010cc21605ee34druggeriSSLProxyCheckPeerExpire on
44985e4f931d3a75a7e5108705010cc21605ee34druggeri</directivesynopsis>
44985e4f931d3a75a7e5108705010cc21605ee34druggeri<directivesynopsis>
44985e4f931d3a75a7e5108705010cc21605ee34druggeri<description>Whether to check the remote server certificates CN field
44985e4f931d3a75a7e5108705010cc21605ee34druggeri</description>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohThis directive sets whether the remote server certificates CN field is
44985e4f931d3a75a7e5108705010cc21605ee34druggericompared against the hostname of the request URL. If both are not equal
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooha 502 status code (Bad Gateway) is sent.
44985e4f931d3a75a7e5108705010cc21605ee34druggeriSSLProxyCheckPeerCN on
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>SSL Proxy Engine Operation Switch</description>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive toggles the usage of the SSL/TLS Protocol Engine for proxy. This
d99faa99674be527e7fcc0ab5903463be779934drbowentype="section">VirtualHost</directive> section to enable SSL/TLS for proxy
d99faa99674be527e7fcc0ab5903463be779934drbowenusage in a particular virtual host. By default the SSL/TLS Protocol Engine is
d99faa99674be527e7fcc0ab5903463be779934drbowendisabled for proxy image both for the main server and all configured virtual hosts.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<VirtualHost _default_:443><br />
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyEngine on<br />
d99faa99674be527e7fcc0ab5903463be779934drbowen</VirtualHost>
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Configure usable SSL protocol flavors for proxy usage</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyProtocol [+|-]<em>protocol</em> ...</syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<!-- XXX Why does this have an override and not .htaccess context? -->
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive can be used to control the SSL protocol flavors mod_ssl should
d99faa99674be527e7fcc0ab5903463be779934drbowenuse when establishing its server environment for proxy . It will only connect
d99faa99674be527e7fcc0ab5903463be779934drbowento servers using one of the provided protocols.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Please refer to <directive module="mod_ssl">SSLProtocol</directive>
ab20e201bcefe9fa3fb65d6218773ffa7190a3f9slivefor additional information.
68aed4e74d7db15eaab99b93bb8a10f981979626covener</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Cipher Suite available for negotiation in SSL
68aed4e74d7db15eaab99b93bb8a10f981979626covenerproxy handshake</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCipherSuite <em>cipher-spec</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<default>SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP</default>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Equivalent to <code>SSLCipherSuite</code>, but for the proxy connection.
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohPlease refer to <directive module="mod_ssl">SSLCipherSuite</directive>
d99faa99674be527e7fcc0ab5903463be779934drbowenfor additional information.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<description>Directory of PEM-encoded CA Certificates for
8f2700898323915da289644dc1f3ee11a5e5b4earpluemRemote Server Auth</description>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<syntax>SSLProxyCACertificatePath <em>directory-path</em></syntax>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemThis directive sets the directory where you keep the Certificates of
8f2700898323915da289644dc1f3ee11a5e5b4earpluemCertification Authorities (CAs) whose remote servers you deal with. These are used to
8f2700898323915da289644dc1f3ee11a5e5b4earpluemverify the remote server certificate on Remote Server Authentication.</p>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemThe files in this directory have to be PEM-encoded and are accessed through
8f2700898323915da289644dc1f3ee11a5e5b4earpluemhash filenames. So usually you can't just place the Certificate files
8f2700898323915da289644dc1f3ee11a5e5b4earpluemthere: you also have to create symbolic links named
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<em>hash-value</em><code>.N</code>. And you should always make sure this directory
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohcontains the appropriate symbolic links.</p>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohSSLProxyCACertificatePath /usr/local/apache2/conf/ssl.crt/
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<description>File of concatenated PEM-encoded CA Certificates
8f2700898323915da289644dc1f3ee11a5e5b4earpluemfor Remote Server Auth</description>
9e208f082c3decf02610a0c49f0f5688ea3eb8f9rpluem<syntax>SSLProxyCACertificateFile <em>file-path</em></syntax>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemThis directive sets the <em>all-in-one</em> file where you can assemble the
8f2700898323915da289644dc1f3ee11a5e5b4earpluemCertificates of Certification Authorities (CA) whose <em>remote servers</em> you deal
8f2700898323915da289644dc1f3ee11a5e5b4earpluemwith. These are used for Remote Server Authentication. Such a file is simply the
8f2700898323915da289644dc1f3ee11a5e5b4earpluemconcatenation of the various PEM-encoded Certificate files, in order of
8f2700898323915da289644dc1f3ee11a5e5b4earpluempreference. This can be used alternatively and/or additionally to
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directive module="mod_ssl">SSLProxyCACertificatePath</directive>.</p>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemSSLProxyCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-remote-server.crt
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Directory of PEM-encoded CA CRLs for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCARevocationPath <em>directory-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the directory where you keep the Certificate Revocation
d99faa99674be527e7fcc0ab5903463be779934drbowenLists (CRL) of Certification Authorities (CAs) whose remote servers you deal with.
d99faa99674be527e7fcc0ab5903463be779934drbowenThese are used to revoke the remote server certificate on Remote Server Authentication.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe files in this directory have to be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. So usually you have not only to place the CRL files there.
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowenAdditionally you have to create symbolic links named
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowen<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowencontains the appropriate symbolic links.</p>
c7b47f38f2cce328c6fb70db9fd1cdc7db0cea3brbowenSSLProxyCARevocationPath /usr/local/apache2/conf/ssl.crl/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<directivesynopsis>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<description>File of concatenated PEM-encoded CA CRLs for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<syntax>SSLProxyCARevocationFile <em>file-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the <em>all-in-one</em> file where you can
d99faa99674be527e7fcc0ab5903463be779934drbowenassemble the Certificate Revocation Lists (CRL) of Certification
d99faa99674be527e7fcc0ab5903463be779934drbowenAuthorities (CA) whose <em>remote servers</em> you deal with. These are used
d99faa99674be527e7fcc0ab5903463be779934drbowenfor Remote Server Authentication. Such a file is simply the concatenation of
d99faa99674be527e7fcc0ab5903463be779934drbowenthe various PEM-encoded CRL files, in order of preference. This can be
d99faa99674be527e7fcc0ab5903463be779934drbowenmodule="mod_ssl">SSLProxyCARevocationPath</directive>.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-remote-server.crl
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Enable CRL-based revocation checking for Remote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCARevocationCheck chain|leaf|none</syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenEnables certificate revocation list (CRL) checking for the
d99faa99674be527e7fcc0ab5903463be779934drbowen<em>remote servers</em> you deal with. At least one of
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLProxyCARevocationFile</directive>
d99faa99674be527e7fcc0ab5903463be779934drbowenor <directive module="mod_ssl">SSLProxyCARevocationPath</directive> must be
d99faa99674be527e7fcc0ab5903463be779934drbowenconfigured. When set to <code>chain</code> (recommended setting),
d99faa99674be527e7fcc0ab5903463be779934drbowenCRL checks are applied to all certificates in the chain, while setting it to
d99faa99674be527e7fcc0ab5903463be779934drbowen<code>leaf</code> limits the checks to the end-entity cert.
d99faa99674be527e7fcc0ab5903463be779934drbowen<title>When set to <code>chain</code> or <code>leaf</code>,
d99faa99674be527e7fcc0ab5903463be779934drbowenCRLs <em>must</em> be available for successful validation</title>
d99faa99674be527e7fcc0ab5903463be779934drbowenPrior to version 2.3.15, CRL checking in mod_ssl also succeeded when
d99faa99674be527e7fcc0ab5903463be779934drbowenno CRL(s) were found in any of the locations configured with
2e1789ae4b1b62d36ed53ccdd391f626640d642frbowen<directive module="mod_ssl">SSLProxyCARevocationFile</directive>
d99faa99674be527e7fcc0ab5903463be779934drbowenor <directive module="mod_ssl">SSLProxyCARevocationPath</directive>.
d99faa99674be527e7fcc0ab5903463be779934drbowenWith the introduction of this directive, the behavior has been changed:
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimwhen checking is enabled, CRLs <em>must</em> be present for the validation
d99faa99674be527e7fcc0ab5903463be779934drbowento succeed - otherwise it will fail with an
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyCARevocationCheck chain
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Variable name to determine user name</description>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabele<compatibility>Available in Apache 2.0.51 and later</compatibility>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the "user" field in the Apache request object.
d99faa99674be527e7fcc0ab5903463be779934drbowenThis is used by lower modules to identify the user with a character
d99faa99674be527e7fcc0ab5903463be779934drbowenstring. In particular, this may cause the environment variable
d99faa99674be527e7fcc0ab5903463be779934drbowen<code>REMOTE_USER</code> to be set. The <em>varname</em> can be
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jimany of the <a href="#envvars">SSL environment variables</a>.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Note that this directive has no effect if the
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLUserName SSL_CLIENT_S_DN_CN
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
860b4efe27e7c1c9a2bf5c872b29c90f76849b51jim<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Option to prefer the server's cipher preference order</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<compatibility>Available in Apache 2.1 and later, if using OpenSSL 0.9.7 or later</compatibility>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>When choosing a cipher during an SSLv3 or TLSv1 handshake, normally
d99faa99674be527e7fcc0ab5903463be779934drbowenthe client's preference is used. If this directive is enabled, the
d99faa99674be527e7fcc0ab5903463be779934drbowenserver's preference will be used instead.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLHonorCipherOrder on
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Enable use of a cryptographic hardware accelerator</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<contextlist><context>server config</context></contextlist>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive enables use of a cryptographic hardware accelerator
943058dd6ec8f21d88204c1f2dc67bf86b1d2e5arbowenboard to offload some of the SSL processing overhead. This directive
d99faa99674be527e7fcc0ab5903463be779934drbowencan only be used if the SSL toolkit is built with "engine" support;
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohOpenSSL 0.9.7 and later releases have "engine" support by default, the
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleseparate "-engine" releases of OpenSSL 0.9.6 must be used.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>To discover which engine names are supported, run the command
d99faa99674be527e7fcc0ab5903463be779934drbowen# For a Broadcom accelerator:<br />
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLCryptoDevice ubsec
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Enable OCSP validation of the client certificate chain</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>This option enables OCSP validation of the client certificate
d99faa99674be527e7fcc0ab5903463be779934drbowenchain. If this option is enabled, certificates in the client's
d99faa99674be527e7fcc0ab5903463be779934drbowencertificate chain will be validated against an OCSP responder after
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohnormal verification (including CRL checks) have taken place.</p>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<p>The OCSP responder used is either extracted from the certificate
d99faa99674be527e7fcc0ab5903463be779934drbowenitself, or derived by configuration; see the
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLOCSPDefaultResponder</directive> and
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLOCSPOverrideResponder</directive>
d99faa99674be527e7fcc0ab5903463be779934drbowendirectives.</p>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLVerifyClient on<br/>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLOCSPEnable on<br/>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLOCSPDefaultResponder http://responder.example.com:8888/responder<br/>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandSSLOCSPOverrideResponder on
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand</directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<description>Set the default responder URI for OCSP validation</description>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<p>This option sets the default OCSP responder to use. If <directive
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandmodule="mod_ssl">SSLOCSPOverrideResponder</directive> is not enabled,
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandthe URI given will be used only if no responder URI is specified in
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandthe certificate being verified.</p>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand</directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<directivesynopsis>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<description>Force use of the default responder URI for OCSP validation</description>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<syntax>SSLOCSPOverrideResponder <em>flag</em></syntax>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<p>This option forces the configured default OCSP responder to be used
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandduring OCSP certificate validation, regardless of whether the
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrandcertificate being validated references an OCSP responder.</p>
77504f17963a8dd941a921d9ddfa25ddb0f348d6kbrand</directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<description>Maximum allowable time skew for OCSP response validation</description>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<syntax>SSLOCSPResponseTimeSkew <em>seconds</em></syntax>
72266eec881e63906c7d415ed0cc3c144c7337b8jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<p>This option sets the maximum allowable time skew for OCSP responses
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton(when checking their <code>thisUpdate</code> and <code>nextUpdate</code> fields).</p>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton</directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<directivesynopsis>
1ab9cf3bb2ffedd3dd13008be6a1d64423afeefejorton<description>Maximum allowable age for OCSP responses</description>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<p>This option sets the maximum allowable age ("freshness") for OCSP responses.
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonThe default value (<code>-1</code>) does not enforce a maximum age,
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonwhich means that OCSP responses are considered valid as long as their
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton</directivesynopsis>
04cbb7628e2c07fd67e84a77881aeeefb8a6c252sf<directivesynopsis>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<syntax>SSLOCSPResponderTimeout <em>seconds</em></syntax>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<p>This option sets the timeout for queries to OCSP responders, when
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<directive module="mod_ssl">SSLOCSPEnable</directive> is turned on.</p>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton</directivesynopsis>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<directivesynopsis>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<description>Option to enable support for insecure renegotiation</description>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<syntax>SSLInsecureRenegotiation <em>flag</em></syntax>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<compatibility>Available in httpd 2.2.15 and later, if using OpenSSL 0.9.8m or later</compatibility>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<p>As originally specified, all versions of the SSL and TLS protocols
4cd185b8f43b3014d0ef735b16c733844956c665jorton(up to and including TLS/1.2) were vulnerable to a Man-in-the-Middle
4cd185b8f43b3014d0ef735b16c733844956c665jorton(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>)
4cd185b8f43b3014d0ef735b16c733844956c665jortonduring a renegotiation. This vulnerability allowed an attacker to
4cd185b8f43b3014d0ef735b16c733844956c665jorton"prefix" a chosen plaintext to the HTTP request as seen by the web
4cd185b8f43b3014d0ef735b16c733844956c665jortonserver. A protocol extension was developed which fixed this
4cd185b8f43b3014d0ef735b16c733844956c665jortonvulnerability if supported by both client and server.</p>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<p>If <module>mod_ssl</module> is linked against OpenSSL version 0.9.8m
4cd185b8f43b3014d0ef735b16c733844956c665jortonor later, by default renegotiation is only supported with
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohclients supporting the new protocol extension. If this directive is
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohenabled, renegotiation will be allowed with old (unpatched) clients,
4cd185b8f43b3014d0ef735b16c733844956c665jortonalbeit insecurely.</p>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<p>If this directive is enabled, SSL connections will be vulnerable to
4cd185b8f43b3014d0ef735b16c733844956c665jortonthe Man-in-the-Middle prefix attack as described
4cd185b8f43b3014d0ef735b16c733844956c665jortonin <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonSSLInsecureRenegotiation on
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>The <code>SSL_SECURE_RENEG</code> environment variable can be used
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonfrom an SSI or CGI script to determine whether secure renegotiation is
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonsupported for a given SSL connection.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Enable stapling of OCSP responses in the TLS handshake</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<p>This option enables OCSP stapling, as defined by the "Certificate
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohStatus Request" TLS extension specified in RFC 6066. If enabled (and
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonrequested by the client), mod_ssl will include an OCSP response
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohfor its own certificate in the TLS handshake. Configuring an
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directive module="mod_ssl">SSLStaplingCache</directive> is a
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonprerequisite for enabling OCSP stapling.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>OCSP stapling relieves the client of querying the OCSP responder
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonon its own, but it should be noted that in its current specification,
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonthe server's <code>CertificateStatus</code> reply may only include an
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonOCSP response for a single cert. For server certificates with intermediate
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonCA certificates in their chain (the typical case nowadays),
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonstapling in its current form therefore only partially achieves the
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonstated goal of "saving roundtrips and resources" - see also the <a
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonhref="https://datatracker.ietf.org/doc/draft-pettersen-tls-ext-multiple-ocsp/">
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton"Adding Multiple TLS Certificate Status Extension requests"</a> Internet draft.
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Configures the OCSP stapling cache</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<contextlist><context>server config</context></contextlist>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>Configures the cache used to store OCSP responses which get included
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonin the TLS handshake if <directive module="mod_ssl">SSLUseStapling</directive>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonis enabled. Configuration of a cache is mandatory for OCSP stapling.
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonWith the exception of <code>none</code> and <code>nonenotnull</code>,
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonthe same storage types are supported as with
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directive module="mod_ssl">SSLSessionCache</directive>.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Maximum allowable time skew for OCSP stapling response validation</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLStaplingResponseTimeSkew <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the maximum allowable time skew when mod_ssl checks the
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<code>thisUpdate</code> and <code>nextUpdate</code> fields of OCSP responses
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonwhich get included in the TLS handshake (OCSP stapling). Only applicable
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonif <directive module="mod_ssl">SSLUseStapling</directive> is turned on.</p>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Timeout for OCSP stapling queries</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLStaplingResponderTimeout <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the timeout for queries to OCSP responders when
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directive module="mod_ssl">SSLUseStapling</directive> is enabled
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonand mod_ssl is querying a responder for OCSP stapling purposes.</p>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Maximum allowable age for OCSP stapling responses</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLStaplingResponseMaxAge <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the maximum allowable age ("freshness") when
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonconsidering OCSP responses for stapling purposes, i.e. when
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directive module="mod_ssl">SSLUseStapling</directive> is turned on.
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonThe default value (<code>-1</code>) does not enforce a maximum age,
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonwhich means that OCSP responses are considered valid as long as their
f7489468254ddf807594db3dfb994035f0ec1c7djorton</directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<description>Number of seconds before expiring responses in the OCSP stapling cache</description>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<syntax>SSLStaplingStandardCacheTimeout <em>seconds</em></syntax>
d65e1c07c15ae58d79d1413fcba46c6eaddefd00rjung<default>SSLStaplingStandardCacheTimeout 3600</default>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<p>Sets the timeout in seconds before responses in the OCSP stapling cache
f7489468254ddf807594db3dfb994035f0ec1c7djorton(configured through <directive module="mod_ssl">SSLStaplingCache</directive>)
f7489468254ddf807594db3dfb994035f0ec1c7djortonwill expire. This directive applies to <em>valid</em> responses, while
f7489468254ddf807594db3dfb994035f0ec1c7djorton<directive module="mod_ssl">SSLStaplingErrorCacheTimeout</directive> is
f7489468254ddf807594db3dfb994035f0ec1c7djortonused for controlling the timeout for invalid/unavailable responses.
2abdc0d12bb0cdad4f5c9e5b10b80cc5b0317fb3rjung</directivesynopsis>
681179909163fc15393800e50de63b9db31b2ee3jorton<directivesynopsis>
681179909163fc15393800e50de63b9db31b2ee3jorton<description>Pass stapling related OCSP errors on to client</description>
681179909163fc15393800e50de63b9db31b2ee3jorton<syntax>SSLStaplingReturnResponderErrors on|off</syntax>
681179909163fc15393800e50de63b9db31b2ee3jorton<default>SSLStaplingReturnResponderErrors on</default>
681179909163fc15393800e50de63b9db31b2ee3jorton<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedooh<p>When enabled, mod_ssl will pass responses from unsuccessful
f7489468254ddf807594db3dfb994035f0ec1c7djortonstapling related OCSP queries (such as status errors, expired responses etc.)
bf7b78833873ce53ce52fb2a78d6b8bf1a3b5d6dhumbedoohon to the client. If set to <code>off</code>, no stapled responses
f7489468254ddf807594db3dfb994035f0ec1c7djortonfor failed queries will be included in the TLS handshake.</p>
681179909163fc15393800e50de63b9db31b2ee3jorton</directivesynopsis>
681179909163fc15393800e50de63b9db31b2ee3jorton<directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<description>Synthesize "tryLater" responses for failed OCSP stapling queries</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>When enabled and a query to an OCSP responder for stapling
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandpurposes fails, mod_ssl will synthesize a "tryLater" response for the
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandclient. Only effective if <directive
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandmodule="mod_ssl">SSLStaplingReturnResponderErrors</directive>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandis also enabled.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Number of seconds before expiring invalid responses in the OCSP stapling cache</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLStaplingErrorCacheTimeout <em>seconds</em></syntax>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>Sets the timeout in seconds before <em>invalid</em> responses
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandin the OCSP stapling cache (configured through <directive
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandmodule="mod_ssl">SSLStaplingCache</directive>) will expire.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandTo set the cache timeout for valid responses, see
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLStaplingStandardCacheTimeout</directive>.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Override the OCSP responder URI specified in the certificate's AIA extension</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>This directive overrides the URI of an OCSP responder as obtained from
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandthe authorityInfoAccess (AIA) extension of the certificate.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandOf potential use when going through a proxy for retrieving OCSP queries.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<description>Persistent encryption/decryption key for TLS session tickets</description>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<syntax>SSLSessionTicketKeyFile <em>file-path</em></syntax>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<compatibility>Available in httpd 2.4.0 and later, if using OpenSSL 0.9.8h or later</compatibility>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>Optionally configures a secret key for encrypting and decrypting
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandTLS session tickets, as defined in
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<a href="http://www.ietf.org/rfc/rfc5077.txt">RFC 5077</a>.
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandPrimarily suitable for clustered environments where TLS sessions information
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandshould be shared between multiple nodes. For single-instance httpd setups,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandit is recommended to <em>not</em> configure a ticket key file, but to
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandrely on (random) keys generated by mod_ssl at startup, instead.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>The ticket key file must contain 48 bytes of random data,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandpreferrably created from a high-entropy source. On a Unix-based system,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbranda ticket key file can be created as follows:</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>Ticket keys should be rotated (replaced) on a frequent basis,
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandas this is the only way to invalidate an existing session ticket -
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandOpenSSL currently doesn't allow to specify a limit for ticket lifetimes.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<p>The ticket key file contains sensitive keying material and should
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrandbe protected with file permissions similar to those used for
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand<directive module="mod_ssl">SSLCertificateKeyFile</directive>.</p>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</directivesynopsis>
fd307f86defc1bccebc66ba0a9781a1fa2f332c2kbrand</modulesynopsis>