mod_ssl.xml revision fbcc97f10f1edb3bdcb0c66cba273abca56c670d
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
e942c741056732f50da2074b36fe59805d370650slive<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
5f5d1b4cc970b7f06ff8ef6526128e9a27303d88nd<!-- $LastChangedRevision$ -->
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding Licensed to the Apache Software Foundation (ASF) under one or more
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding contributor license agreements. See the NOTICE file distributed with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding this work for additional information regarding copyright ownership.
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding The ASF licenses this file to You under the Apache License, Version 2.0
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding (the "License"); you may not use this file except in compliance with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding the License. You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Strong cryptography using the Secure Sockets
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveLayer (SSL) and Transport Layer Security (TLS) protocols</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>This module provides SSL v2/v3 and TLS v1 support for the Apache
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierHTTP Server. It was contributed by Ralf S. Engelschall based on his
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemod_ssl project and originally derived from work by Ben Laurie.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>This module relies on <a href="http://www.openssl.org/">OpenSSL</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto provide the cryptography engine.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>Further details, discussion, and examples are provided in the
53bae66d3dc14a667e14a451f7bc65a893dd450fnd<section id="envvars"><title>Environment Variables</title>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>This module provides a lot of SSL information as additional environment
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevariables to the SSI and CGI namespace. The generated variables are listed in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe table below. For backward compatibility the information can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivebe made available under different names, too. Look in the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="/ssl/ssl_compat.html">Compatibility</a> chapter for details on the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecompatibility variables.</p>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".3"/><column width=".2"/><column width=".5"/>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive</columnspec>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>HTTPS</code></td> <td>flag</td> <td>HTTPS is being used.</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_PROTOCOL</code></td> <td>string</td> <td>The SSL protocol version (SSLv2, SSLv3, TLSv1)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SESSION_ID</code></td> <td>string</td> <td>The hex-encoded SSL session id</td></tr>
98b409eae9ad8033008f8589b5c7c02ed49db767sctemme<tr><td><code>SSL_SESSION_RESUMED</code></td> <td>string</td> <td>Initial or Resumed SSL Session. Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use</td></tr>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<tr><td><code>SSL_SECURE_RENEG</code></td> <td>string</td> <td><code>true</code> if secure renegotiation is supported, else <code>false</code></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER</code></td> <td>string</td> <td>The cipher specification name</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_EXPORT</code></td> <td>string</td> <td><code>true</code> if cipher is an export cipher</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_USEKEYSIZE</code></td> <td>number</td> <td>Number of cipher bits (actually used)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CIPHER_ALGKEYSIZE</code></td> <td>number</td> <td>Number of cipher bits (possible)</td></tr>
08ff7ca3674b179f36b9e0798ae2a9bdbb72c437wrowe<tr><td><code>SSL_COMPRESS_METHOD</code></td> <td>string</td> <td>SSL compression method negotiated</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_VERSION_INTERFACE</code></td> <td>string</td> <td>The mod_ssl program version</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_VERSION_LIBRARY</code></td> <td>string</td> <td>The OpenSSL program version</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_M_VERSION</code></td> <td>string</td> <td>The version of the client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_M_SERIAL</code></td> <td>string</td> <td>The serial of the client certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_S_DN</code></td> <td>string</td> <td>Subject DN in client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_S_DN_</code><em>x509</em></td> <td>string</td> <td>Component of client's Subject DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_I_DN</code></td> <td>string</td> <td>Issuer DN of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_I_DN_</code><em>x509</em></td> <td>string</td> <td>Component of client's Issuer DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_V_START</code></td> <td>string</td> <td>Validity of client's certificate (start time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_V_END</code></td> <td>string</td> <td>Validity of client's certificate (end time)</td></tr>
8514af9d926a1c330756d11eb71acfcf6e8e56bdjorton<tr><td><code>SSL_CLIENT_V_REMAIN</code></td> <td>string</td> <td>Number of days until client's certificate expires</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of client's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_CERT</code></td> <td>string</td> <td>PEM-encoded client certificate</td></tr>
256c9fec76025218e564ad19e100d4a38da10f42jorton<tr><td><code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em></td> <td>string</td> <td>PEM-encoded certificates in client certificate chain</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_CLIENT_VERIFY</code></td> <td>string</td> <td><code>NONE</code>, <code>SUCCESS</code>, <code>GENEROUS</code> or <code>FAILED:</code><em>reason</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_M_VERSION</code></td> <td>string</td> <td>The version of the server certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_M_SERIAL</code></td> <td>string</td> <td>The serial of the server certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_S_DN</code></td> <td>string</td> <td>Subject DN in server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_S_DN_</code><em>x509</em></td> <td>string</td> <td>Component of server's Subject DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_I_DN</code></td> <td>string</td> <td>Issuer DN of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_I_DN_</code><em>x509</em></td> <td>string</td> <td>Component of server's Issuer DN</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_V_START</code></td> <td>string</td> <td>Validity of server's certificate (start time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_V_END</code></td> <td>string</td> <td>Validity of server's certificate (end time)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_A_SIG</code></td> <td>string</td> <td>Algorithm used for the signature of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_A_KEY</code></td> <td>string</td> <td>Algorithm used for the public key of server's certificate</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSL_SERVER_CERT</code></td> <td>string</td> <td>PEM-encoded server certificate</td></tr>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<p><em>x509</em> specifies a component of an X.509 DN; one of
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jorton<code>C,ST,L,O,OU,CN,T,I,G,S,D,UID,Email</code>. In Apache 2.1 and
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonlater, <em>x509</em> may also include a numeric <code>_n</code>
48a0d431b5507ffaedacaea4f5d134c8f2f118f2jortonsuffix. If the DN in question contains multiple attributes of the
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonsame name, this suffix is used as a zero-based index to select a
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonparticular attribute. For example, where the server certificate
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonsubject DN included two OU attributes, <code>SSL_SERVER_S_DN_OU_0</code>
fbcc97f10f1edb3bdcb0c66cba273abca56c670djorton<code>SSL_SERVER_S_DN_OU_1</code> could be used to reference each. A
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonvariable name without a <code>_n</code> suffix is equivalent to that
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonname with a <code>_0</code> suffix; the first (or only) attribute.
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonWhen the environment table is populated using
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonthe <directive module="mod_ssl">SSLOptions</directive> directive, the
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonfirst (or only) attribute of any DN is added only under a non-suffixed
fbcc97f10f1edb3bdcb0c66cba273abca56c670djortonname; i.e. no <code>_0</code> suffixed entries are added.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf<p>The format of the <em>*_DN</em> variables has changed in Apache HTTPD
1b1621900bd89ddc496d721c865a726f635ebd7esf2.3.11. See the <code>LegacyDNStringFormat</code> option for
1b1621900bd89ddc496d721c865a726f635ebd7esf<directive module="mod_ssl">SSLOptions</directive> for details.</p>
8514af9d926a1c330756d11eb71acfcf6e8e56bdjorton<p><code>SSL_CLIENT_V_REMAIN</code> is only available in version 2.1
8514af9d926a1c330756d11eb71acfcf6e8e56bdjortonand later.</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>A number of additional environment variables can also be used
f7ac17a355153b91b25db5d526afd752465aa489jortonin <directive>SSLRequire</directive> expressions, or in custom log
f7ac17a355153b91b25db5d526afd752465aa489jortonformats:</p>
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_REFERER QUERY_STRING SERVER_SOFTWARE
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_COOKIE REMOTE_HOST API_VERSION
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_FORWARDED REMOTE_IDENT TIME_YEAR
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_HOST IS_SUBREQ TIME_MON
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_PROXY_CONNECTION DOCUMENT_ROOT TIME_DAY
f7ac17a355153b91b25db5d526afd752465aa489jortonHTTP_ACCEPT SERVER_ADMIN TIME_HOUR
f7ac17a355153b91b25db5d526afd752465aa489jortonTHE_REQUEST SERVER_NAME TIME_MIN
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_FILENAME SERVER_PORT TIME_SEC
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_METHOD SERVER_PROTOCOL TIME_WDAY
f7ac17a355153b91b25db5d526afd752465aa489jortonREQUEST_SCHEME REMOTE_ADDR TIME
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>In these contexts, two special formats can also be used:</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton <dd>This will expand to the standard environment
f7ac17a355153b91b25db5d526afd752465aa489jorton <dd>This will expand to the value of the request header with name
53bae66d3dc14a667e14a451f7bc65a893dd450fnd<section id="logformats"><title>Custom Log Formats</title>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>When <module>mod_ssl</module> is built into Apache or at least
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveloaded (under DSO situation) additional functions exist for the <a
199a8ee5984e3708982fab1ba6ebb0a5feaea90cndhref="mod_log_config.html#formats">Custom Log Format</a> of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveadditional ``<code>%{</code><em>varname</em><code>}x</code>''
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveeXtension format function which can be used to expand any variables
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprovided by any module, especially those provided by mod_ssl which can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveyou find in the above table.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveFor backward compatibility there is additionally a special
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive``<code>%{</code><em>name</em><code>}c</code>'' cryptography format function
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprovided. Information about this function is provided in the <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehref="/ssl/ssl_compat.html">Compatibility</a> chapter.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton<p><module>mod_ssl</module> sets "notes" for the request which can be
2ff3ef24f2af86bdafd2b4ca698091048e066b28jortonused in logging with the <code>%{<em>name</em>}n</code> format
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton <dd>This note is set to the value <code>1</code> if access was
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton or <directive>SSLRequireSSL</directive> directive.</dd>
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton <dd>If <module>mod_ssl</module> is built against a version of
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton OpenSSL which supports the secure renegotiation extension, this note
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton is set to the value <code>1</code> if SSL is in used for the current
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton connection, and the client also supports the secure renegotiation
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton extension. If the client does not support the secure renegotiation
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton extension, the note is set to the value <code>0</code>.
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton If <module>mod_ssl</module> is not built against a version of
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton OpenSSL which supports secure renegotiation, or if SSL is not in use
2ff3ef24f2af86bdafd2b4ca698091048e066b28jorton for the current connection, the note is not set.</dd>
eac658ceff08fb117e2484d8e16a38c775840b3fsf<section id="authzproviders"><title>Authorization providers for use with Require</title>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p><module>mod_ssl</module> provides a few authentication providers for use
eac658ceff08fb117e2484d8e16a38c775840b3fsf <directive module="mod_authz_core">Require</directive> directive.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The <code>ssl</code> provider denies access if a connection is not
eac658ceff08fb117e2484d8e16a38c775840b3fsf encrypted with SSL. This is similar to the
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require ssl
eac658ceff08fb117e2484d8e16a38c775840b3fsf </example>
eac658ceff08fb117e2484d8e16a38c775840b3fsf </section>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <section id="reqverifyclient"><title>Require ssl-verify-client</title>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The <code>ssl</code> provider allows access if the user is
eac658ceff08fb117e2484d8e16a38c775840b3fsf authenticated with a valid client certificate. This is only
eac658ceff08fb117e2484d8e16a38c775840b3fsf useful if <code>SSLVerifyClient optional</code> is in effect.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf <p>The following example grants access if the user is authenticated
eac658ceff08fb117e2484d8e16a38c775840b3fsf either with a client certificate or by username and password.</p>
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require ssl-verify-client<br/>
eac658ceff08fb117e2484d8e16a38c775840b3fsf Require valid-user
eac658ceff08fb117e2484d8e16a38c775840b3fsf </example>
eac658ceff08fb117e2484d8e16a38c775840b3fsf </section>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Type of pass phrase dialog for encrypted private
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivekeys</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveWhen Apache starts up it has to read the various Certificate (see
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCertificateFile</directive>) and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePrivate Key (see <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCertificateKeyFile</directive>) files of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSL-enabled virtual servers. Because for security reasons the Private
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveKey files are usually encrypted, mod_ssl needs to query the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveadministrator for a Pass Phrase in order to decrypt those files. This
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivequery can be done in two ways which can be configured by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the default where an interactive terminal dialog occurs at startup
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive time just before Apache detaches from the terminal. Here the administrator
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive has to manually enter the Pass Phrase for each encrypted Private Key file.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Because a lot of SSL-enabled virtual hosts can be configured, the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive following reuse-scheme is used to minimize the dialog: When a Private Key
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive file is encrypted, all known Pass Phrases (at the beginning there are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive none, of course) are tried. If one of those known Pass Phrases succeeds no
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive dialog pops up for this particular Private Key file. If none succeeded,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive another Pass Phrase is queried on the terminal and remembered for the next
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive round (where it perhaps can be reused).</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This scheme allows mod_ssl to be maximally flexible (because for N encrypted
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Private Key files you <em>can</em> use N different Pass Phrases - but then
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive you have to enter all of them, of course) while minimizing the terminal
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive dialog (i.e. when you use a single Pass Phrase for all N Private Key files
c668ba618761ec81a1ee079106036454e8a88c96jorton <p>This mode allows an external program to be used which acts as a
c668ba618761ec81a1ee079106036454e8a88c96jorton pipe to a particular input device; the program is sent the standard
c668ba618761ec81a1ee079106036454e8a88c96jorton prompt text used for the <code>builtin</code> mode on
c668ba618761ec81a1ee079106036454e8a88c96jorton <code>stdin</code>, and is expected to write password strings on
c668ba618761ec81a1ee079106036454e8a88c96jorton <code>stdout</code>. If several passwords are needed (or an
c668ba618761ec81a1ee079106036454e8a88c96jorton incorrect password is entered), additional prompt text will be
c668ba618761ec81a1ee079106036454e8a88c96jorton written subsequent to the first password being returned, and more
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Here an external program is configured which is called at startup for each
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive encrypted Private Key file. It is called with two arguments (the first is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive of the form ``<code>servername:portnumber</code>'', the second is either
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive ``<code>RSA</code>'' or ``<code>DSA</code>''), which indicate for which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive server and algorithm it has to print the corresponding Pass Phrase to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>stdout</code>. The intent is that this external program first runs
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive security checks to make sure that the system is not compromised by an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive attacker, and only when these checks were passed successfully it provides
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the Pass Phrase.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Both these security checks, and the way the Pass Phrase is determined, can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be as complex as you like. Mod_ssl just defines the interface: an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive executable program which provides the Pass Phrase on <code>stdout</code>.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Nothing more or less! So, if you're really paranoid about security, here
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive is your interface. Anything else has to be left as an exercise to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive administrator, because local security requirements are so different.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive The reuse-algorithm above is used here, too. In other words: The external
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive program is called only once per unique Pass Phrase.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLPassPhraseDialog exec:/usr/local/apache/sbin/pp-filter
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Pseudo Random Number Generator (PRNG) seeding
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivesource</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis configures one or more sources for seeding the Pseudo Random Number
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveGenerator (PRNG) in OpenSSL at startup time (<em>context</em> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>startup</code>) and/or just before a new SSL connection is established
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(<em>context</em> is <code>connect</code>). This directive can only be used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the global server context because the PRNG is a global facility.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe following <em>source</em> variants are available:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <p> This is the always available builtin seeding source. It's usage
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive consumes minimum CPU cycles under runtime and hence can be always used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive without drawbacks. The source used for seeding the PRNG contains of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive current time, the current process id and (when applicable) a randomly
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirier chosen 1KB extract of the inter-process scoreboard structure of Apache.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive The drawback is that this is not really a strong source and at startup
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive time (where the scoreboard is still not available) this source just
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive produces a few bytes of entropy. So you should always, at least for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses an external file <code>/path/to/source</code> as the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive source for seeding the PRNG. When <em>bytes</em> is specified, only the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive first <em>bytes</em> number of bytes of the file form the entropy (and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>bytes</em> is given to <code>/path/to/source</code> as the first
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive argument). When <em>bytes</em> is not specified the whole file forms the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy (and <code>0</code> is given to <code>/path/to/source</code> as
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the first argument). Use this especially at startup time, for instance
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>/dev/urandom</code> devices (which usually exist on modern Unix
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirier derivatives like FreeBSD and Linux).</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>But be careful</em>: Usually <code>/dev/random</code> provides only as
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive much entropy data as it actually has, i.e. when you request 512 bytes of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy, but the device currently has only 100 bytes available two things
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive can happen: On some platforms you receive only the 100 bytes while on
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive other platforms the read blocks until enough bytes are available (which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive can take a long time). Here using an existing <code>/dev/urandom</code> is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive better, because it never blocks and actually gives the amount of requested
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive data. The drawback is just that the quality of the received data may not
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be the best.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive On some platforms like FreeBSD one can even control how the entropy is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive actually generated, i.e. by which system interrupts. More details one can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive find under <em>rndcontrol(8)</em> on those platforms. Alternatively, when
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive your system lacks such a random device, you can use tool
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive like <a href="http://www.lothar.com/tech/crypto/">EGD</a>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive (Entropy Gathering Daemon) and run it's client program with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>exec:/path/to/program/</code> variant (see below) or use
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>egd:/path/to/egd-socket</code> (see below).</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses an external executable
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>/path/to/program</code> as the source for seeding the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive PRNG. When <em>bytes</em> is specified, only the first
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>bytes</em> number of bytes of its <code>stdout</code> contents
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive form the entropy. When <em>bytes</em> is not specified, the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entirety of the data produced on <code>stdout</code> form the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive entropy. Use this only at startup time when you need a very strong
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive seeding with the help of an external program (for instance as in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the example above with the <code>truerand</code> utility you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive find in the mod_ssl distribution which is based on the AT&T
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <em>truerand</em> library). Using this in the connection context
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive slows down the server too dramatically, of course. So usually you
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive should avoid using external programs in that context.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This variant uses the Unix domain socket of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive external Entropy Gathering Daemon (EGD) (see <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive href="http://www.lothar.com/tech/crypto/">http://www.lothar.com/tech
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive /crypto/</a>) to seed the PRNG. Use this if no random device exists
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRandomSeed startup builtin<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRandomSeed startup exec:/usr/local/bin/truerand 16<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRandomSeed connect builtin<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Type of the global/inter-process SSL Session
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCache</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<contextlist><context>server config</context></contextlist>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis configures the storage type of the global/inter-process SSL Session
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCache. This cache is an optional facility which speeds up parallel request
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprocessing. For requests to the same server process (via HTTP keep-alive),
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveOpenSSL already caches the SSL session information locally. But because modern
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclients request inlined images and other data via parallel requests (usually
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveup to four parallel requests are common) those requests are served by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>different</em> pre-forked server processes. Here an inter-process cache
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierhelps to avoid unnecessary session handshakes.</p>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djortonThe following four storage <em>type</em>s are currently supported:</p>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This disables the global/inter-process Session Cache. This
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton will incur a noticeable speed penalty and may cause problems if
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton using certain browsers, particularly if client certificates are
75394345f1e542f71a0a37c7755070543124af7ejim <p>This disables any global/inter-process Session Cache. However
42167da203d969a1402cf7ce09c14586c04af1dfjim it does force OpenSSL to send a non-null session ID to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This makes use of a DBM hashfile on the local disk to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton synchronize the local OpenSSL memory caches of the server
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton processes. This session cache may suffer reliability issues under
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>shm:/path/to/datafile</code>[<code>(</code><em>size</em><code>)</code>]
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <p>This makes use of a high-performance cyclic buffer
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton (approx. <em>size</em> bytes in size) inside a shared memory
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton segment in RAM (established via <code>/path/to/datafile</code>) to
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton synchronize the local OpenSSL memory caches of the server
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton processes. This is the recommended session cache.</p></li>
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton href="http://www.distcache.org/">distcache</a> distributed session
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton caching libraries. The argument should specify the location of
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton the server or proxy to be used using the distcache address syntax;
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton for example, <code>UNIX:/path/to/socket</code> specifies a UNIX
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton domain socket (typically a local dc_client proxy);
31b36a43da79a1f7fe303f0eb9b7c7bb1677a70djorton <code>IP:server.example.com:9001</code> specifies an IP
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLSessionCache shm:/usr/local/apache/logs/ssl_gcache_data(512000)
180b8666f2271cf300f22560ed3d78b30982c097trawick<p>The <code>ssl-cache</code> mutex is used to serialize access to
180b8666f2271cf300f22560ed3d78b30982c097trawickthe session cache to prevent corruption. This mutex can be configured
180b8666f2271cf300f22560ed3d78b30982c097trawickusing the <directive module="core">Mutex</directive> directive.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Number of seconds before an SSL session expires
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein the Session Cache</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLSessionCacheTimeout <em>seconds</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the timeout in seconds for the information stored in the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveglobal/inter-process SSL Session Cache and the OpenSSL internal memory cache.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveIt can be set as low as 15 for testing, but should be set to higher
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevalues like 300 in real life.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLSessionCacheTimeout 600
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive toggles the usage of the SSL/TLS Protocol Engine. This
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivetype="section">VirtualHost</directive> section to enable SSL/TLS for a
1428f44b421e1c9ee0721b4b709dd10064758c40rbowenthat virtual host. By default the SSL/TLS Protocol Engine is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedisabled for both the main server and all configured virtual hosts.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<VirtualHost _default_:443><br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLEngine on<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</VirtualHost>
98f1378491b66e5383a5340d9afe91dabf7f5010colm<p>In Apache 2.1 and later, <directive>SSLEngine</directive> can be set to
eaeb7393a93910f37b697c302d656f3ec2351835pquerna<a href="http://www.ietf.org/rfc/rfc2817.txt">RFC 2817</a>, Upgrading to TLS
eaeb7393a93910f37b697c302d656f3ec2351835pquernaWithin HTTP/1.1. At this time no web browsers support RFC 2817.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<directivesynopsis>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe<contextlist><context>server config</context></contextlist>
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweThis directive toggles the usage of the SSL library FIPS_mode flag.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweIt must be set in the global server context and cannot be configured
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowewith conflicting settings (SSLFIPS on followed by SSLFIPS off or
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowesimilar). The mode applies to all SSL library operations.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweIf httpd was compiled against an SSL library which did not support
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowethe FIPS_mode flag, <code>SSLFIPS on</code> will fail. Refer to the
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweFIPS 140-2 Security Policy document of the SSL provider library for
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowespecific requirements to use mod_ssl in a FIPS 140-2 approved mode
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweof operation; note that mod_ssl itself is not validated, but may be
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowedescribed as using FIPS 140-2 validated cryptographic module, when
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweall components are assembled and operated under the guidelines imposed
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wroweby the applicable Security Policy.
e9eabac76b50e8f00d0c391f6070d0f42db77aa2wrowe</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
610981f18632eeb2fbefd7d59681ebdfcba806fbjorton<description>Configure usable SSL protocol versions</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLProtocol [+|-]<em>protocol</em> ...</syntax>
610981f18632eeb2fbefd7d59681ebdfcba806fbjortonThis directive can be used to control which versions of the SSL protocol
610981f18632eeb2fbefd7d59681ebdfcba806fbjortonwill be accepted in new connections.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe available (case-insensitive) <em>protocol</em>s are:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the Secure Sockets Layer (SSL) protocol, version 2.0. It is the
a654b81078edd96412866655d47033a355152c2cpctony original SSL protocol as designed by Netscape Corporation. Though it's
a654b81078edd96412866655d47033a355152c2cpctony use has been deprecated, because of weaknesses in the security of the protocol.</p></li>
38283aab65389dd92a565cc907fa620b309ea26blgentis This is the Secure Sockets Layer (SSL) protocol, version 3.0, from
38283aab65389dd92a565cc907fa620b309ea26blgentis the Netscape Corporation.
a654b81078edd96412866655d47033a355152c2cpctony It is the successor to SSLv2 and the predecessor to TLSv1. It's supported by
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is the Transport Layer Security (TLS) protocol, version 1.0. It is the
a654b81078edd96412866655d47033a355152c2cpctony successor to SSLv3 and is defined in <a href="http://www.ietf.org/rfc/rfc2246.txt">RFC2246</a>.
a654b81078edd96412866655d47033a355152c2cpctony Which has been obsoleted by <a href="http://www.ietf.org/rfc/rfc4346.txt">RFC4346</a>.</p></li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This is a shortcut for ``<code>+SSLv2 +SSLv3 +TLSv1</code>'' and a
610981f18632eeb2fbefd7d59681ebdfcba806fbjorton convenient way for enabling all protocols except one when used in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive combination with the minus sign on a protocol as the example above
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive# enable SSLv3 and TLSv1, but not SSLv2<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLProtocol all -SSLv2
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Cipher Suite available for negotiation in SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehandshake</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<default>SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP</default>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis complex directive uses a colon-separated <em>cipher-spec</em> string
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconsisting of OpenSSL cipher specifications to configure the Cipher Suite the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclient is permitted to negotiate in the SSL handshake phase. Notice that this
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedirective can be used both in per-server and per-directory context. In
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-server context it applies to the standard SSL handshake when a connection
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirieris established. In per-directory context it forces a SSL renegotiation with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivereconfigured Cipher Suite after the HTTP request was read but before the HTTP
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveresponse is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAn SSL cipher specification in <em>cipher-spec</em> is composed of 4 major
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveattributes plus a few extra minor ones:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive RSA or Diffie-Hellman variants.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive RSA, Diffie-Hellman, DSS or none.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive DES, Triple-DES, RC4, RC2, IDEA or none.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive MD5, SHA or SHA1.
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirier<p>An SSL cipher can also be an export cipher and is either an SSLv2 or SSLv3/TLSv1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecipher (here TLSv1 is equivalent to SSLv3). To specify which ciphers to use,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveone can either specify all the Ciphers, one at a time, or use aliases to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivespecify the preference and order for the ciphers (see <a href="#table1">Table
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".5"/><column width=".5"/></columnspec>
984276e3760754bae346208618ad01194ddd4e73rbowen<tr><th><a name="table1">Tag</a></th> <th>Description</th></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Key Exchange Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kRSA</code></td> <td>RSA key exchange</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kDHr</code></td> <td>Diffie-Hellman key exchange with RSA key</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kDHd</code></td> <td>Diffie-Hellman key exchange with DSA key</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>kEDH</code></td> <td>Ephemeral (temp.key) Diffie-Hellman key exchange (no cert)</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Authentication Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aNULL</code></td> <td>No authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aRSA</code></td> <td>RSA authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aDSS</code></td> <td>DSS authentication</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>aDH</code></td> <td>Diffie-Hellman authentication</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>Cipher Encoding Algorithm:</em></td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>eNULL</code></td> <td>No encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DES</code></td> <td>DES encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>3DES</code></td> <td>Triple-DES encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RC4</code></td> <td>RC4 encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RC2</code></td> <td>RC2 encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>IDEA</code></td> <td>IDEA encoding</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="2"><em>MAC Digest Algorithm</em>:</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>MD5</code></td> <td>MD5 hash function</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SHA1</code></td> <td>SHA1 hash function</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SHA</code></td> <td>SHA hash function</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSLv2</code></td> <td>all SSL version 2.0 ciphers</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>SSLv3</code></td> <td>all SSL version 3.0 ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>TLSv1</code></td> <td>all TLS version 1.0 ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP</code></td> <td>all export ciphers</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXPORT40</code></td> <td>all 40-bit export ciphers only</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXPORT56</code></td> <td>all 56-bit export ciphers only</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>LOW</code></td> <td>all low strength ciphers (no export, single DES)</td></tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>MEDIUM</code></td> <td>all ciphers with 128 bit encryption</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>HIGH</code></td> <td>all ciphers using Triple-DES</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>RSA</code></td> <td>all ciphers using RSA key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DH</code></td> <td>all ciphers using Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EDH</code></td> <td>all ciphers using Ephemeral Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>ADH</code></td> <td>all ciphers using Anonymous Diffie-Hellman key exchange</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>DSS</code></td> <td>all ciphers using DSS authentication</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>NULL</code></td> <td>all ciphers using no encryption</td> </tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveNow where this becomes interesting is that these can be put together
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveto specify the order and ciphers you wish to use. To speed this up
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethere are also aliases (<code>SSLv2, SSLv3, TLSv1, EXP, LOW, MEDIUM,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHIGH</code>) for certain groups of ciphers. These tags can be joined
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivetogether with prefixes to form the <em>cipher-spec</em>. Available
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprefixes are:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>+</code>: add ciphers to list and pull them to current location in list</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>-</code>: remove cipher from list (can be added later again)</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<li><code>!</code>: kill cipher from list completely (can <strong>not</strong> be added later again)</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>A simpler way to look at all of this is to use the ``<code>openssl ciphers
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive-v</code>'' command which provides a nice way to successively create the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecorrect <em>cipher-spec</em> string. The default <em>cipher-spec</em> string
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveis ``<code>ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP</code>'' which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemeans the following: first, remove from consideration any ciphers that do not
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthenticate, i.e. for SSL only the Anonymous Diffie-Hellman ciphers. Next,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveuse ciphers using RC4 and RSA. Next include the high, medium and then the low
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivesecurity ciphers. Finally <em>pull</em> all SSLv2 and export ciphers to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveend of the list.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive$ openssl ciphers -v 'ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveNULL-SHA SSLv3 Kx=RSA Au=RSA Enc=None Mac=SHA1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveNULL-MD5 SSLv3 Kx=RSA Au=RSA Enc=None Mac=MD5
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive... ... ... ... ...
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEXP-RC2-CBC-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveEXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>The complete list of particular RSA & DH ciphers for SSL is given in <a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<columnspec><column width=".3"/><column width=".1"/><column width=".13"/>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<column width=".1"/><column width=".13"/><column width=".1"/>
984276e3760754bae346208618ad01194ddd4e73rbowen<tr><th><a name="table2">Cipher-Tag</a></th> <th>Protocol</th> <th>Key Ex.</th> <th>Auth.</th> <th>Enc.</th> <th>MAC</th> <th>Type</th> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC3-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>3DES(168)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>IDEA-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>IDEA(128)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-MD5</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>IDEA-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>IDEA(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC2-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>RC2(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>RC4-64-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>RC4(64)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>DES-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA</td> <td>RSA</td> <td>DES(56)</td> <td>MD5</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-RC2-CBC-MD5</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>RC2(40)</td> <td>MD5</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-RC4-MD5</code></td> <td>SSLv3</td> <td>RSA(512)</td> <td>RSA</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-RC2-CBC-MD5</code></td> <td>SSLv2</td> <td>RSA(512)</td> <td>RSA</td> <td>RC2(40)</td> <td>MD5</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-RC4-MD5</code></td> <td>SSLv2</td> <td>RSA(512)</td> <td>RSA</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>NULL-SHA</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>None</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>NULL-MD5</code></td> <td>SSLv3</td> <td>RSA</td> <td>RSA</td> <td>None</td> <td>MD5</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td colspan="7"><em>Diffie-Hellman Ciphers:</em></td></tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>ADH-RC4-MD5</code></td> <td>SSLv3</td> <td>DH</td> <td>None</td> <td>RC4(128)</td> <td>MD5</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-RSA-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>RSA</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-DSS-DES-CBC3-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>DSS</td> <td>3DES(168)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-RSA-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>RSA</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
97a9a944b5887e91042b019776c41d5dd74557aferikabele<tr><td><code>EDH-DSS-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH</td> <td>DSS</td> <td>DES(56)</td> <td>SHA1</td> <td></td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-EDH-RSA-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>RSA</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-EDH-DSS-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>DSS</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-ADH-DES-CBC-SHA</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>None</td> <td>DES(40)</td> <td>SHA1</td> <td> export</td> </tr>
a5da9d9dfc593837aca771df70ad124a37e22abapatrikj<tr><td><code>EXP-ADH-RC4-MD5</code></td> <td>SSLv3</td> <td>DH(512)</td> <td>None</td> <td>RC4(40)</td> <td>MD5</td> <td> export</td> </tr>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Server PEM-encoded X.509 Certificate file</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive points to the PEM-encoded Certificate file for the server and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptionally also to the corresponding RSA or DSA Private Key file for it
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(contained in the same file). If the contained Private Key is encrypted the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePass Phrase dialog is forced at startup time. This directive can be used up to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivetwo times (referencing different filenames) when both a RSA and a DSA based
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver certificate is used in parallel.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Server PEM-encoded Private Key file</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCertificateKeyFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive points to the PEM-encoded Private Key file for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver. If the Private Key is not combined with the Certificate in the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive>SSLCertificateFile</directive>, use this additional directive to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivepoint to the file with the stand-alone Private Key. When
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive>SSLCertificateFile</directive> is used and the file
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontains both the Certificate and the Private Key this directive need
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivenot be used. But we strongly discourage this practice. Instead we
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverecommend you to separate the Certificate and the Private Key. If the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontained Private Key is encrypted, the Pass Phrase dialog is forced
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveat startup time. This directive can be used up to two times
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive(referencing different filenames) when both a RSA and a DSA based
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveprivate key is used in parallel.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of PEM-encoded Server CA Certificates</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCertificateChainFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the optional <em>all-in-one</em> file where you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveassemble the certificates of Certification Authorities (CA) which form the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate chain of the server certificate. This starts with the issuing CA
38283aab65389dd92a565cc907fa620b309ea26blgentiscertificate of the server certificate and can range up to the root CA
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate. Such a file is simply the concatenation of the various
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePEM-encoded CA Certificate files, usually in certificate chain order.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis should be used alternatively and/or additionally to <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCACertificatePath</directive> for explicitly
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconstructing the server certificate chain which is sent to the browser
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivein addition to the server certificate. It is especially useful to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveavoid conflicts with CA certificates when using client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication. Because although placing a CA certificate of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveserver certificate chain into <directive
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivemodule="mod_ssl">SSLCACertificatePath</directive> has the same effect
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor the certificate chain construction, it has the side-effect that
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclient certificates issued by this same CA certificate are also
60d4e69911c2076d97a593f75947d53173a7a02anoodlaccepted on client authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveBut be careful: Providing the certificate chain works only if you are using a
60d4e69911c2076d97a593f75947d53173a7a02anoodl<em>single</em> RSA <em>or</em> DSA based server certificate. If you are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveusing a coupled RSA+DSA certificate pair, this will work only if actually both
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificates use the <em>same</em> certificate chain. Else the browsers will be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconfused in this situation.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/ca.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Directory of PEM-encoded CA Certificates for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCACertificatePath <em>directory-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the directory where you keep the Certificates of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCertification Authorities (CAs) whose clients you deal with. These are used to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveverify the client certificate on Client Authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe files in this directory have to be PEM-encoded and are accessed through
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehash filenames. So usually you can't just place the Certificate files
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethere: you also have to create symbolic links named
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>hash-value</em><code>.N</code>. And you should always make sure this directory
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontains the appropriate symbolic links. Use the <code>Makefile</code> which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecomes with mod_ssl to accomplish this task.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCACertificatePath /usr/local/apache2/conf/ssl.crt/
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of concatenated PEM-encoded CA Certificates
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor Client Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCACertificateFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the <em>all-in-one</em> file where you can assemble the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCertificates of Certification Authorities (CA) whose <em>clients</em> you deal
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivewith. These are used for Client Authentication. Such a file is simply the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveconcatenation of the various PEM-encoded Certificate files, in order of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivepreference. This can be used alternatively and/or additionally to
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCACertificatePath</directive>.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-client.crt
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<description>File of concatenated PEM-encoded CA Certificates
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonfor defining acceptable CA names</description>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<syntax>SSLCADNRequestFile <em>file-path</em></syntax>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>When a client certificate is requested by mod_ssl, a list of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>acceptable Certificate Authority names</em> is sent to the client
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonin the SSL handshake. These CA names can be used by the client to
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonselect an appropriate client certificate out of those it has
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonavailable.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestPath</directive> or <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> are given, then the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonset of acceptable CA names sent to the client is the names of all the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonCA certificates given by the <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCACertificateFile</directive> and <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCACertificatePath</directive> directives; in other
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonwords, the names of the CAs which will actually be used to verify the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonclient certificate.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>In some circumstances, it is useful to be able to send a set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonacceptable CA names which differs from the actual CAs used to verify
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthe client certificate - for example, if the client certificates are
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonsigned by intermediate CAs. In such cases, <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestPath</directive> and/or <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> can be used; the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonacceptable CA names are then taken from the complete set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortoncertificates in the directory and/or file specified by this pair of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondirectives.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p><directive module="mod_ssl">SSLCADNRequestFile</directive> must
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonspecify an <em>all-in-one</em> file containing a concatenation of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonPEM-encoded CA certificates.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonSSLCADNRequestFile /usr/local/apache2/conf/ca-names.crt
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<directivesynopsis>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<description>Directory of PEM-encoded CA Certificates for
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondefining acceptable CA names</description>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<syntax>SSLCADNRequestPath <em>directory-path</em></syntax>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>This optional directive can be used to specify the set of
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>acceptable CA names</em> which will be sent to the client when a
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonclient certificate is requested. See the <directive
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonmodule="mod_ssl">SSLCADNRequestFile</directive> directive for more
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortondetails.</p>
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<p>The files in this directory have to be PEM-encoded and are accessed
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthrough hash filenames. So usually you can't just place the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonCertificate files there: you also have to create symbolic links named
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<em>hash-value</em><code>.N</code>. And you should always make sure
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonthis directory contains the appropriate symbolic links. Use the
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton<code>Makefile</code> which comes with mod_ssl to accomplish this
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jortonSSLCADNRequestPath /usr/local/apache2/conf/ca-names.crt/
cb689fbd5d89f1dd470a51fde2a04fa0ad21a440jorton</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Directory of PEM-encoded CA CRLs for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCARevocationPath <em>directory-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the directory where you keep the Certificate Revocation
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveLists (CRL) of Certification Authorities (CAs) whose clients you deal with.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThese are used to revoke the client certificate on Client Authentication.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe files in this directory have to be PEM-encoded and are accessed through
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehash filenames. So usually you have not only to place the CRL files there.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAdditionally you have to create symbolic links named
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontains the appropriate symbolic links. Use the <code>Makefile</code> which
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecomes with <module>mod_ssl</module> to accomplish this task.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCARevocationPath /usr/local/apache2/conf/ssl.crl/
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>File of concatenated PEM-encoded CA CRLs for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveClient Auth</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<syntax>SSLCARevocationFile <em>file-path</em></syntax>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the <em>all-in-one</em> file where you can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveassemble the Certificate Revocation Lists (CRL) of Certification
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAuthorities (CA) whose <em>clients</em> you deal with. These are used
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefor Client Authentication. Such a file is simply the concatenation of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe various PEM-encoded CRL files, in order of preference. This can be
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-client.crl
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Type of Client Certificate verification</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets the Certificate verification level for the Client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveAuthentication. Notice that this directive can be used both in per-server and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-directory context. In per-server context it applies to the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication process used in the standard SSL handshake when a connection is
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poirierestablished. In per-directory context it forces a SSL renegotiation with the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivereconfigured client verification level after the HTTP request was read but
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivebefore the HTTP response is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe following levels are available for <em>level</em>:</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive no client Certificate is required at all</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client <em>may</em> present a valid Certificate</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client <em>has to</em> present a valid Certificate</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the client may present a valid Certificate<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive but it need not to be (successfully) verifiable.</li>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>require</strong> are really interesting, because level
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>optional</strong> doesn't work with all browsers and level
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<strong>optional_no_ca</strong> is actually against the idea of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveauthentication (but can be used to establish SSL test pages, etc.)</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLVerifyClient require
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Maximum depth of CA Certificates in Client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveCertificate verification</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive sets how deeply mod_ssl should verify before deciding that the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveclients don't have a valid certificate. Notice that this directive can be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveused both in per-server and per-directory context. In per-server context it
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveapplies to the client authentication process used in the standard SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehandshake when a connection is established. In per-directory context it forces
b76a31daaa6e83bb0fd627a04f20e82bffcf1df4poiriera SSL renegotiation with the reconfigured client verification depth after the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHTTP request was read but before the HTTP response is sent.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe depth actually is the maximum number of intermediate certificate issuers,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivei.e. the number of CA certificates which are max allowed to be followed while
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveverifying the client certificate. A depth of 0 means that self-signed client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificates are accepted only, the default depth of 1 means the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecertificate can be self-signed or has to be signed by a CA which is directly
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveknown to the server (i.e. the CA's certificate is under
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directive module="mod_ssl">SSLCACertificatePath</directive>), etc.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLVerifyDepth 10
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Configure various SSL engine run-time options</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive can be used to control various run-time options on a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveper-directory basis. Normally, if multiple <code>SSLOptions</code>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecould apply to a directory, then the most specific one is taken
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecompletely; the options are not merged. However if <em>all</em> the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptions on the <code>SSLOptions</code> directive are preceded by a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveplus (<code>+</code>) or minus (<code>-</code>) symbol, the options
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare merged. Any options preceded by a <code>+</code> are added to the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveoptions currently in force, and any options preceded by a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<code>-</code> are removed from the options currently in force.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, the standard set of SSL related CGI/SSI
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive environment variables are created. This per default is disabled for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive performance reasons, because the information extraction step is a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive rather expensive operation. So one usually enables this option for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive CGI and SSI requests only.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, additional CGI/SSI environment variables are
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive created: <code>SSL_SERVER_CERT</code>, <code>SSL_CLIENT_CERT</code> and
256c9fec76025218e564ad19e100d4a38da10f42jorton <code>SSL_CLIENT_CERT_CHAIN_</code><em>n</em> (with <em>n</em> = 0,1,2,..).
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive These contain the PEM-encoded X.509 Certificates of server and client for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive the current HTTPS connection and can be used by CGI scripts for deeper
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Certificate checking. Additionally all other certificates of the client
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive certificate chain are provided, too. This bloats up the environment a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive little bit which is why you have to use this option to enable it on
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive demand.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive When this option is enabled, the Subject Distinguished Name (DN) of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Client X509 Certificate is translated into a HTTP Basic Authorization
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive username. This means that the standard Apache authentication methods can
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive be used for access control. The user name is just the Subject of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive Client's X509 Certificate (can be determined by running OpenSSL's
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>openssl x509</code> command: <code>openssl x509 -noout -subject -in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive </code><em>certificate</em><code>.crt</code>). Note that no password is
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive obtained from the user. Every entry in the user file needs this password:
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive ``<code>xxj31ZMTZzkVA</code>'', which is the DES-encrypted version of the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive word `<code>password</code>''. Those who live under MD5-based encryption
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive (for instance under FreeBSD or BSD/OS, etc.) should use the following MD5
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive hash of the same word: ``<code>$1$OXLyS...$Owx8s2/m9/gfkcRVXzgoE/</code>''.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This <em>forces</em> forbidden access when <code>SSLRequireSSL</code> or
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>SSLRequire</code> successfully decided that access should be
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive forbidden. Usually the default is that in the case where a ``<code>Satisfy
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive any</code>'' directive is used, and other access restrictions are passed,
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>SSLRequire</code> is overridden (because that's how the Apache
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive <code>Satisfy</code> mechanism should work.) But for strict access restriction
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive you can use <code>SSLRequireSSL</code> and/or <code>SSLRequire</code> in
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive combination with an ``<code>SSLOptions +StrictRequire</code>''. Then an
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive additional ``<code>Satisfy Any</code>'' has no chance once mod_ssl has
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive decided to deny access.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive This enables optimized SSL connection renegotiation handling when SSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive directives are used in per-directory context. By default a strict
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive scheme is enabled where <em>every</em> per-directory reconfiguration of
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive SSL parameters causes a <em>full</em> SSL renegotiation handshake. When this
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive option is used mod_ssl tries to avoid unnecessary handshakes by doing more
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive granular (but still safe) parameter checks. Nevertheless these granular
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive checks sometimes maybe not what the user expects, so enable this on a
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive per-directory basis only, please.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf This option influences how values of the
1b1621900bd89ddc496d721c865a726f635ebd7esf <code>SSL_{CLIENT,SERVER}_{I,S}_DN</code> variables are formatted. Since
1b1621900bd89ddc496d721c865a726f635ebd7esf version 2.3.11, Apache HTTPD uses a RFC 2253 compatible format by
1b1621900bd89ddc496d721c865a726f635ebd7esf default. This uses commas as delimiters between the attributes, allows the
1b1621900bd89ddc496d721c865a726f635ebd7esf use of non-ASCII characters (which are converted to UTF8), escapes
1b1621900bd89ddc496d721c865a726f635ebd7esf various special characters with backslashes, and sorts the attributes
1b1621900bd89ddc496d721c865a726f635ebd7esf with the "C" attribute last.</p>
1b1621900bd89ddc496d721c865a726f635ebd7esf <p>If <code>LegacyDNStringFormat</code> is set, the old format will be
1b1621900bd89ddc496d721c865a726f635ebd7esf used which sorts the "C" attribute first, uses slashes as separators, and
1b1621900bd89ddc496d721c865a726f635ebd7esf does not handle non-ASCII and special characters in any consistent way.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLOptions +FakeBasicAuth -StrictRequire<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<Files ~ "\.(cgi|shtml)$"><br />
a56a8e999892460eea79a9d2d20c762dc5f47a10sf SSLOptions +StdEnvVars -ExportCertData<br />
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<Files>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Deny access when SSL is not used for the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveHTTP request</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive forbids access unless HTTP over SSL (i.e. HTTPS) is enabled for
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivethe current connection. This is very handy inside the SSL-enabled virtual
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivehost or directories for defending against configuration errors that expose
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivestuff that should be protected. When this directive is present all requests
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveare denied which are not using SSL.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveSSLRequireSSL
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<description>Allow access only when an arbitrarily complex
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveboolean expression is true</description>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThis directive specifies a general access requirement which has to be
e55568369c0cb7b40f0faa9a6cf751676695f6bfmartinfulfilled in order to allow access. It is a very powerful directive because the
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverequirement specification is an arbitrarily complex boolean expression
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontaining any number of access checks.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveThe <em>expression</em> must match the following syntax (given as a BNF
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivegrammar notation):</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<blockquote>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveexpr ::= "<strong>true</strong>" | "<strong>false</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecomp ::= word "<strong>==</strong>" word | word "<strong>eq</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>!=</strong>" word | word "<strong>ne</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong><</strong>" word | word "<strong>lt</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong><=</strong>" word | word "<strong>le</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>></strong>" word | word "<strong>gt</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>>=</strong>" word | word "<strong>ge</strong>" word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive | word "<strong>in</strong>" "<strong>{</strong>" wordlist "<strong>}</strong>"
e1c1bf4d7684950ea2a31a0419dc46991ec539abmartin | word "<strong>in</strong>" "<strong>PeerExtList(</strong>" word "<strong>)</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivewordlist ::= word
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveword ::= digit
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivedigit ::= [0-9]+
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecstring ::= "..."
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivevariable ::= "<strong>%{</strong>" varname "<strong>}</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivefunction ::= funcname "<strong>(</strong>" funcargs "<strong>)</strong>"
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</blockquote>
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>For <code>varname</code> any of the variables described in <a
f7ac17a355153b91b25db5d526afd752465aa489jortonhref="#envvars">Environment Variables</a> can be used. For
02c4e4fe19f1120c6bdf561950ab60077c61cc5fsf<code>funcname</code> the available functions are listed in
02c4e4fe19f1120c6bdf561950ab60077c61cc5fsfthe <a href="/expr.html#functions">ap_expr documentation</a>.</p>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive<p>Notice that <em>expression</em> is first parsed into an internal machine
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliverepresentation and then evaluated in a second step. Actually, in Global and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivePer-Server Class context <em>expression</em> is parsed at startup time and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveat runtime only the machine representation is executed. For Per-Directory
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slivecontext this is different: here <em>expression</em> has to be parsed and
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37sliveimmediately executed for every request.</p>
f7ac17a355153b91b25db5d526afd752465aa489jorton<pre>SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
f7ac17a355153b91b25db5d526afd752465aa489jorton and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
f7ac17a355153b91b25db5d526afd752465aa489jorton and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
f7ac17a355153b91b25db5d526afd752465aa489jorton and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
f7ac17a355153b91b25db5d526afd752465aa489jorton and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
f7ac17a355153b91b25db5d526afd752465aa489jorton or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/</pre>
f7ac17a355153b91b25db5d526afd752465aa489jorton<p>The <code>PeerExtList(<em>object-ID</em>)</code> function expects
f7ac17a355153b91b25db5d526afd752465aa489jortonto find zero or more instances of the X.509 certificate extension
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonidentified by the given <em>object ID</em> (OID) in the client certificate.
f7ac17a355153b91b25db5d526afd752465aa489jortonThe expression evaluates to true if the left-hand side string matches
f7ac17a355153b91b25db5d526afd752465aa489jortonexactly against the value of an extension identified with this OID.
f7ac17a355153b91b25db5d526afd752465aa489jorton(If multiple extensions with the same OID are present, at least one
f7ac17a355153b91b25db5d526afd752465aa489jortonextension must match).</p>
f7ac17a355153b91b25db5d526afd752465aa489jortonSSLRequire "foobar" in PeerExtList("1.2.3.4.5.6")
f7ac17a355153b91b25db5d526afd752465aa489jorton<note><title>Notes on the PeerExtList function</title>
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jorton<li><p>The object ID can be specified either as a descriptive
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonname recognized by the SSL library, such as <code>"nsComment"</code>,
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonor as a numeric OID, such as <code>"1.2.3.4.5.6"</code>.</p></li>
f7ac17a355153b91b25db5d526afd752465aa489jorton<li><p>Expressions with types known to the SSL library are rendered to
f7ac17a355153b91b25db5d526afd752465aa489jortona string before comparison. For an extension with a type not
f7ac17a355153b91b25db5d526afd752465aa489jortonrecognized by the SSL library, mod_ssl will parse the value if it is
db0a69066a507e4b86b8b93d5e9e0c15df4c0237jortonone of the primitive ASN.1 types UTF8String, IA5String, VisibleString,
f7ac17a355153b91b25db5d526afd752465aa489jortonor BMPString. For an extension of one of these types, the string
f7ac17a355153b91b25db5d526afd752465aa489jortonvalue will be converted to UTF-8 if necessary, then compared against
f28cb43e0ae51d68dee099bbf7ddbc84252cbd7eigalic<seealso><a href="/env.html">Environment Variables in Apache HTTP Server</a>,
f28cb43e0ae51d68dee099bbf7ddbc84252cbd7eigalicfor additional examples.
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</directivesynopsis>
0eead7b938755d271961071a208b9934617ecedfrpluem<directivesynopsis>
53dc45378bd4ed291a736a89089387f48b9005f1jorton<description>Set the size for the SSL renegotiation buffer</description>
53dc45378bd4ed291a736a89089387f48b9005f1jorton<p>If an SSL renegotiation is required in per-location context, for
53dc45378bd4ed291a736a89089387f48b9005f1jortonexample, any use of <directive
53dc45378bd4ed291a736a89089387f48b9005f1jortonmodule="mod_ssl">SSLVerifyClient</directive> in a Directory or
53dc45378bd4ed291a736a89089387f48b9005f1jortonLocation block, then <module>mod_ssl</module> must buffer any HTTP
53dc45378bd4ed291a736a89089387f48b9005f1jortonrequest body into memory until the new SSL handshake can be performed.
53dc45378bd4ed291a736a89089387f48b9005f1jortonThis directive can be used to set the amount of memory that will be
53dc45378bd4ed291a736a89089387f48b9005f1jortonused for this buffer. </p>
53dc45378bd4ed291a736a89089387f48b9005f1jortonNote that in many configurations, the client sending the request body
53dc45378bd4ed291a736a89089387f48b9005f1jortonwill be untrusted so a denial of service attack by consumption of
53dc45378bd4ed291a736a89089387f48b9005f1jortonmemory must be considered when changing this configuration setting.
0eead7b938755d271961071a208b9934617ecedfrpluemSSLRenegBufferSize 262144
0eead7b938755d271961071a208b9934617ecedfrpluem</directivesynopsis>
e3715027f352040ef98da03359b00f13ddb506cbrpluem<directivesynopsis>
1fd5131d5732e639b0b4225ca0afea717c41bc11trawick<description>Whether to allow non-SNI clients to access a name-based virtual
e3715027f352040ef98da03359b00f13ddb506cbrpluem</description>
b4f25203520c168e2df9f7d83024db09e68efe7ecovener<compatibility>Available in Apache 2.2.12 and later</compatibility>
1fd5131d5732e639b0b4225ca0afea717c41bc11trawickThis directive sets whether a non-SNI client is allowed to access a name-based
1fd5131d5732e639b0b4225ca0afea717c41bc11trawickvirtual host. If set to <code>on</code> in the default name-based virtual
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalichost, clients that are SNI unaware will not be allowed to access <em>any</em>
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalicvirtual host, belonging to this particular IP / port combination.
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalicIf set to <code>on</code> in any other virtual host, SNI unaware clients
c33dbf8773dd8ae2d89a7a5bd97df00fd582e008igalicare not allowed to access this particular virtual host.
e3715027f352040ef98da03359b00f13ddb506cbrpluemThis option is only available if httpd was compiled against an SNI capable
e3715027f352040ef98da03359b00f13ddb506cbrpluemversion of OpenSSL.
e3715027f352040ef98da03359b00f13ddb506cbrpluemSSLStrictSNIVHostCheck on
e3715027f352040ef98da03359b00f13ddb506cbrpluem</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<description>Directory of PEM-encoded client certificates and keys to be used by the proxy</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyMachineCertificatePath <em>directory</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<contextlist><context>server config</context></contextlist>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsThis directive sets the directory where you keep the certificates and
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadskeys used for authentication of the proxy server to remote servers.
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>The files in this directory must be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. Additionally, you must create symbolic links named
d99faa99674be527e7fcc0ab5903463be779934drbowen<code><em>hash-value</em>.N</code>. And you should always make sure this
d99faa99674be527e7fcc0ab5903463be779934drbowendirectory contains the appropriate symbolic links. Use the Makefile which
d99faa99674be527e7fcc0ab5903463be779934drbowencomes with mod_ssl to accomplish this task.
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<p>Currently there is no support for encrypted private keys</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsSSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<description>File of concatenated PEM-encoded client certificates and keys to be used by the proxy</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyMachineCertificateFile <em>filename</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<contextlist><context>server config</context></contextlist>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsThis directive sets the all-in-one file where you keep the certificates and
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadskeys used for authentication of the proxy server to remote servers.
d99faa99674be527e7fcc0ab5903463be779934drbowenThis referenced file is simply the concatenation of the various PEM-encoded
d99faa99674be527e7fcc0ab5903463be779934drbowencertificate files, in order of preference. Use this directive alternatively
d99faa99674be527e7fcc0ab5903463be779934drbowenor additionally to <code>SSLProxyMachineCertificatePath</code>.
65e536f8dab0d8c715fc718e7405fbbac4b0837bmads<p>Currently there is no support for encrypted private keys</p>
65e536f8dab0d8c715fc718e7405fbbac4b0837bmadsSSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Type of remote server Certificate verification</description>
6a93ff92c722b879358b25415302e090833a2c75jorton<p>When a proxy is configured to forward requests to a remote SSL
6a93ff92c722b879358b25415302e090833a2c75jortonserver, this directive can be used to configure certificate
68aed4e74d7db15eaab99b93bb8a10f981979626covenerverification of the remote server. </p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe following levels are available for <em>level</em>:</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen no remote server Certificate is required at all</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server <em>may</em> present a valid Certificate</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server <em>has to</em> present a valid Certificate</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen the remote server may present a valid Certificate<br />
d99faa99674be527e7fcc0ab5903463be779934drbowen but it need not to be (successfully) verifiable.</li>
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>require</strong> are really interesting, because level
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>optional</strong> doesn't work with all servers and level
d99faa99674be527e7fcc0ab5903463be779934drbowen<strong>optional_no_ca</strong> is actually against the idea of
d99faa99674be527e7fcc0ab5903463be779934drbowenauthentication (but can be used to establish SSL test pages, etc.)</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyVerify require
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Maximum depth of CA Certificates in Remote Server
d99faa99674be527e7fcc0ab5903463be779934drbowenCertificate verification</description>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets how deeply mod_ssl should verify before deciding that the
68aed4e74d7db15eaab99b93bb8a10f981979626covenerremote server does not have a valid certificate. </p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe depth actually is the maximum number of intermediate certificate issuers,
d99faa99674be527e7fcc0ab5903463be779934drboweni.e. the number of CA certificates which are max allowed to be followed while
d99faa99674be527e7fcc0ab5903463be779934drbowenverifying the remote server certificate. A depth of 0 means that self-signed
d99faa99674be527e7fcc0ab5903463be779934drbowenremote server certificates are accepted only, the default depth of 1 means
d99faa99674be527e7fcc0ab5903463be779934drbowenthe remote server certificate can be self-signed or has to be signed by a CA
d99faa99674be527e7fcc0ab5903463be779934drbowenwhich is directly known to the server (i.e. the CA's certificate is under
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLProxyCACertificatePath</directive>), etc.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyVerifyDepth 10
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<description>Whether to check if remote server certificate is expired
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</description>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemThis directive sets whether it is checked if the remote server certificate
8f2700898323915da289644dc1f3ee11a5e5b4earpluemis expired or not. If the check fails a 502 status code (Bad Gateway) is
8f2700898323915da289644dc1f3ee11a5e5b4earpluemSSLProxyCheckPeerExpire on
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<directivesynopsis>
8f2700898323915da289644dc1f3ee11a5e5b4earpluem<description>Whether to check the remote server certificates CN field
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</description>
8f2700898323915da289644dc1f3ee11a5e5b4earpluemThis directive sets whether the remote server certificates CN field is
8f2700898323915da289644dc1f3ee11a5e5b4earpluemcompared against the hostname of the request URL. If both are not equal
8f2700898323915da289644dc1f3ee11a5e5b4earpluema 502 status code (Bad Gateway) is sent.
8f2700898323915da289644dc1f3ee11a5e5b4earpluemSSLProxyCheckPeerCN on
8f2700898323915da289644dc1f3ee11a5e5b4earpluem</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>SSL Proxy Engine Operation Switch</description>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive toggles the usage of the SSL/TLS Protocol Engine for proxy. This
d99faa99674be527e7fcc0ab5903463be779934drbowentype="section">VirtualHost</directive> section to enable SSL/TLS for proxy
d99faa99674be527e7fcc0ab5903463be779934drbowenusage in a particular virtual host. By default the SSL/TLS Protocol Engine is
d99faa99674be527e7fcc0ab5903463be779934drbowendisabled for proxy image both for the main server and all configured virtual hosts.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<VirtualHost _default_:443><br />
d99faa99674be527e7fcc0ab5903463be779934drbowenSSLProxyEngine on<br />
d99faa99674be527e7fcc0ab5903463be779934drbowen</VirtualHost>
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Configure usable SSL protocol flavors for proxy usage</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyProtocol [+|-]<em>protocol</em> ...</syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<!-- XXX Why does this have an override and not .htaccess context? -->
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive can be used to control the SSL protocol flavors mod_ssl should
d99faa99674be527e7fcc0ab5903463be779934drbowenuse when establishing its server environment for proxy . It will only connect
d99faa99674be527e7fcc0ab5903463be779934drbowento servers using one of the provided protocols.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Please refer to <directive module="mod_ssl">SSLProtocol</directive>
d99faa99674be527e7fcc0ab5903463be779934drbowenfor additional information.
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Cipher Suite available for negotiation in SSL
d99faa99674be527e7fcc0ab5903463be779934drbowenproxy handshake</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCipherSuite <em>cipher-spec</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowen<default>SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP</default>
d99faa99674be527e7fcc0ab5903463be779934drbowen<p>Equivalent to <code>SSLCipherSuite</code>, but for the proxy connection.
d99faa99674be527e7fcc0ab5903463be779934drbowenPlease refer to <directive module="mod_ssl">SSLCipherSuite</directive>
2e1789ae4b1b62d36ed53ccdd391f626640d642frbowenfor additional information.</p>
2e1789ae4b1b62d36ed53ccdd391f626640d642frbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Directory of PEM-encoded CA Certificates for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCACertificatePath <em>directory-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the directory where you keep the Certificates of
d99faa99674be527e7fcc0ab5903463be779934drbowenCertification Authorities (CAs) whose remote servers you deal with. These are used to
d99faa99674be527e7fcc0ab5903463be779934drbowenverify the remote server certificate on Remote Server Authentication.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe files in this directory have to be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. So usually you can't just place the Certificate files
d99faa99674be527e7fcc0ab5903463be779934drbowenthere: you also have to create symbolic links named
d99faa99674be527e7fcc0ab5903463be779934drbowen<em>hash-value</em><code>.N</code>. And you should always make sure this directory
d99faa99674be527e7fcc0ab5903463be779934drbowencontains the appropriate symbolic links. Use the <code>Makefile</code> which
d99faa99674be527e7fcc0ab5903463be779934drbowencomes with mod_ssl to accomplish this task.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCACertificatePath /usr/local/apache2/conf/ssl.crt/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>File of concatenated PEM-encoded CA Certificates
d99faa99674be527e7fcc0ab5903463be779934drbowenfor Remote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCACertificateFile <em>file-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the <em>all-in-one</em> file where you can assemble the
d99faa99674be527e7fcc0ab5903463be779934drbowenCertificates of Certification Authorities (CA) whose <em>remote servers</em> you deal
d99faa99674be527e7fcc0ab5903463be779934drbowenwith. These are used for Remote Server Authentication. Such a file is simply the
d99faa99674be527e7fcc0ab5903463be779934drbowenconcatenation of the various PEM-encoded Certificate files, in order of
d99faa99674be527e7fcc0ab5903463be779934drbowenpreference. This can be used alternatively and/or additionally to
d99faa99674be527e7fcc0ab5903463be779934drbowen<directive module="mod_ssl">SSLProxyCACertificatePath</directive>.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-remote-server.crt
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>Directory of PEM-encoded CA CRLs for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCARevocationPath <em>directory-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the directory where you keep the Certificate Revocation
d99faa99674be527e7fcc0ab5903463be779934drbowenLists (CRL) of Certification Authorities (CAs) whose remote servers you deal with.
d99faa99674be527e7fcc0ab5903463be779934drbowenThese are used to revoke the remote server certificate on Remote Server Authentication.</p>
d99faa99674be527e7fcc0ab5903463be779934drbowenThe files in this directory have to be PEM-encoded and are accessed through
d99faa99674be527e7fcc0ab5903463be779934drbowenhash filenames. So usually you have not only to place the CRL files there.
d99faa99674be527e7fcc0ab5903463be779934drbowenAdditionally you have to create symbolic links named
d99faa99674be527e7fcc0ab5903463be779934drbowen<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
d99faa99674be527e7fcc0ab5903463be779934drbowencontains the appropriate symbolic links. Use the <code>Makefile</code> which
d99faa99674be527e7fcc0ab5903463be779934drbowencomes with <module>mod_ssl</module> to accomplish this task.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCARevocationPath /usr/local/apache2/conf/ssl.crl/
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<directivesynopsis>
d99faa99674be527e7fcc0ab5903463be779934drbowen<description>File of concatenated PEM-encoded CA CRLs for
d99faa99674be527e7fcc0ab5903463be779934drbowenRemote Server Auth</description>
d99faa99674be527e7fcc0ab5903463be779934drbowen<syntax>SSLProxyCARevocationFile <em>file-path</em></syntax>
d99faa99674be527e7fcc0ab5903463be779934drbowenThis directive sets the <em>all-in-one</em> file where you can
d99faa99674be527e7fcc0ab5903463be779934drbowenassemble the Certificate Revocation Lists (CRL) of Certification
d99faa99674be527e7fcc0ab5903463be779934drbowenAuthorities (CA) whose <em>remote servers</em> you deal with. These are used
d99faa99674be527e7fcc0ab5903463be779934drbowenfor Remote Server Authentication. Such a file is simply the concatenation of
d99faa99674be527e7fcc0ab5903463be779934drbowenthe various PEM-encoded CRL files, in order of preference. This can be
d99faa99674be527e7fcc0ab5903463be779934drbowenmodule="mod_ssl">SSLProxyCARevocationPath</directive>.</p>
e22983c2cda01e5df1a8a6b72c2ff687370975aaerikabeleSSLProxyCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-remote-server.crl
d99faa99674be527e7fcc0ab5903463be779934drbowen</directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<directivesynopsis>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<description>Variable name to determine user name</description>
72266eec881e63906c7d415ed0cc3c144c7337b8jorton<compatibility>Available in Apache 2.0.51 and later</compatibility>
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonThis directive sets the "user" field in the Apache request object.
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonThis is used by lower modules to identify the user with a character
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonstring. In particular, this may cause the environment variable
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton<code>REMOTE_USER</code> to be set. The <em>varname</em> can be
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonany of the <a href="#envvars">SSL environment variables</a>.</p>
1ab9cf3bb2ffedd3dd13008be6a1d64423afeefejorton<p>Note that this directive has no effect if the
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jortonSSLUserName SSL_CLIENT_S_DN_CN
eff8e38d2e04f20febd66366f5bb8a5a640ca4f8jorton</directivesynopsis>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<directivesynopsis>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<description>Option to prefer the server's cipher preference order</description>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<compatibility>Available in Apache 2.1 and later, if using OpenSSL 0.9.7 or later</compatibility>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton<p>When choosing a cipher during an SSLv3 or TLSv1 handshake, normally
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jortonthe client's preference is used. If this directive is enabled, the
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jortonserver's preference will be used instead.</p>
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jortonSSLHonorCipherOrder on
d2e618b3d0951b9f6a590dea8f21b9a2350d26d0jorton</directivesynopsis>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<directivesynopsis>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<description>Enable use of a cryptographic hardware accelerator</description>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<contextlist><context>server config</context></contextlist>
4cd185b8f43b3014d0ef735b16c733844956c665jortonThis directive enables use of a cryptographic hardware accelerator
4cd185b8f43b3014d0ef735b16c733844956c665jortonboard to offload some of the SSL processing overhead. This directive
4cd185b8f43b3014d0ef735b16c733844956c665jortoncan only be used if the SSL toolkit is built with "engine" support;
4cd185b8f43b3014d0ef735b16c733844956c665jortonOpenSSL 0.9.7 and later releases have "engine" support by default, the
4cd185b8f43b3014d0ef735b16c733844956c665jortonseparate "-engine" releases of OpenSSL 0.9.6 must be used.</p>
4cd185b8f43b3014d0ef735b16c733844956c665jorton<p>To discover which engine names are supported, run the command
4cd185b8f43b3014d0ef735b16c733844956c665jorton# For a Broadcom accelerator:<br />
4cd185b8f43b3014d0ef735b16c733844956c665jortonSSLCryptoDevice ubsec
4cd185b8f43b3014d0ef735b16c733844956c665jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Enable OCSP validation of the client certificate chain</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>This option enables OCSP validation of the client certificate
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonchain. If this option is enabled, certificates in the client's
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortoncertificate chain will be validated against an OCSP responder after
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonnormal verification (including CRL checks) have taken place.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>The OCSP responder used is either extracted from the certificate
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonitself, or derived by configuration; see the
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directive module="mod_ssl">SSLOCSPDefaultResponder</directive> and
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directive module="mod_ssl">SSLOCSPOverrideResponder</directive>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortondirectives.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonSSLVerifyClient on<br/>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonSSLOCSPEnable on<br/>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonSSLOCSPDefaultResponder http://responder.example.com:8888/responder<br/>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonSSLOCSPOverrideResponder on
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Set the default responder URI for OCSP validation</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>This option sets the default OCSP responder to use. If <directive
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonmodule="mod_ssl">SSLOCSPOverrideResponder</directive> is not enabled,
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonthe URI given will be used only if no responder URI is specified in
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonthe certificate being verified.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<directivesynopsis>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<description>Force use of the default responder URI for OCSP validation</description>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<syntax>SSLOCSPOverrideResponder <em>flag</em></syntax>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton<p>This option forces the configured default OCSP responder to be used
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortonduring OCSP certificate validation, regardless of whether the
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jortoncertificate being validated references an OCSP responder.</p>
512185ecf62bdf08a826a2b6ce7ae7157fd5c793jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Maximum allowable time skew for OCSP response validation</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLOCSPResponseTimeSkew <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the maximum allowable time skew for OCSP responses
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton(when checking their <code>thisUpdate</code> and <code>nextUpdate</code> fields).</p>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<description>Maximum allowable age for OCSP responses</description>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLOCSPResponseMaxAge <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the maximum allowable age ("freshness") for OCSP responses.
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonThe default value (<code>-1</code>) does not enforce a maximum age,
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jortonwhich means that OCSP responses are considered valid as long as their
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directivesynopsis>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<syntax>SSLOCSPResponderTimeout <em>seconds</em></syntax>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<p>This option sets the timeout for queries to OCSP responders, when
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton<directive module="mod_ssl">SSLOCSPEnable</directive> is turned on.</p>
a2558ec3af4391b7da7fe61e1e53383bbd0174b9jorton</directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<directivesynopsis>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<description>Option to enable support for insecure renegotiation</description>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<syntax>SSLInsecureRenegotiation <em>flag</em></syntax>
d65e1c07c15ae58d79d1413fcba46c6eaddefd00rjung<compatibility>Available in httpd 2.2.15 and later, if using OpenSSL 0.9.8m or later</compatibility>
f7489468254ddf807594db3dfb994035f0ec1c7djorton<p>As originally specified, all versions of the SSL and TLS protocols
f7489468254ddf807594db3dfb994035f0ec1c7djorton(up to and including TLS/1.2) were vulnerable to a Man-in-the-Middle
f7489468254ddf807594db3dfb994035f0ec1c7djorton(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>)
f7489468254ddf807594db3dfb994035f0ec1c7djortonduring a renegotiation. This vulnerability allowed an attacker to
f7489468254ddf807594db3dfb994035f0ec1c7djorton"prefix" a chosen plaintext to the HTTP request as seen by the web
f7489468254ddf807594db3dfb994035f0ec1c7djortonserver. A protocol extension was developed which fixed this
f7489468254ddf807594db3dfb994035f0ec1c7djortonvulnerability if supported by both client and server.</p>
2abdc0d12bb0cdad4f5c9e5b10b80cc5b0317fb3rjung<p>If <module>mod_ssl</module> is linked against OpenSSL version 0.9.8m
2abdc0d12bb0cdad4f5c9e5b10b80cc5b0317fb3rjungor later, by default renegotiation is only supported with
f7489468254ddf807594db3dfb994035f0ec1c7djortonclients supporting the new protocol extension. If this directive is
681179909163fc15393800e50de63b9db31b2ee3jortonenabled, renegotiation will be allowed with old (unpatched) clients,
681179909163fc15393800e50de63b9db31b2ee3jortonalbeit insecurely.</p>
681179909163fc15393800e50de63b9db31b2ee3jorton<p>If this directive is enabled, SSL connections will be vulnerable to
681179909163fc15393800e50de63b9db31b2ee3jortonthe Man-in-the-Middle prefix attack as described
681179909163fc15393800e50de63b9db31b2ee3jortonin <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>.</p>
f7489468254ddf807594db3dfb994035f0ec1c7djortonSSLInsecureRenegotiation on
681179909163fc15393800e50de63b9db31b2ee3jorton<p>The <code>SSL_SECURE_RENEG</code> environment variable can be used
681179909163fc15393800e50de63b9db31b2ee3jortonfrom an SSI or CGI script to determine whether secure renegotiation is
681179909163fc15393800e50de63b9db31b2ee3jortonsupported for a given SSL connection.</p>
f7489468254ddf807594db3dfb994035f0ec1c7djorton</directivesynopsis>
e6469ad7a7dacf318f7ecf393b448b83ad1fdb37slive</modulesynopsis>