Add example HTTPS vhost

author: Gareth Rees <gareth@mysociety.org> 2014-07-17 11:28:51 +0100
committer: Gareth Rees <gareth@mysociety.org> 2014-07-17 12:32:55 +0100
commit: ab1f215fe701a4dc8ae59465290ccc85d7650fef (patch)
tree: f75b0867a306993b0e7583c5d0ad65d1cbde05f3
parent: 9fe90fb0fe2fa0aabd217700b071197f44c2adde (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/config/httpd-ssl-vhost.conf-example b/config/httpd-ssl-vhost.conf-example
new file mode 100644
index 000000000..820a94165
--- /dev/null
+++ b/config/httpd-ssl-vhost.conf-example
@@ -0,0 +1,24 @@
+# VirtualHost for HTTPS requess
+<VirtualHost *:443>
+  ServerName www.example.com
+
+  ErrorLog /var/log/apache2/alaveteli_error.log
+  CustomLog /var/log/apache2/alaveteli_access.log combined
+
+  ProxyRequests       Off
+  ProxyPreserveHost   On
+  ProxyPass           /       http://localhost:80/
+  ProxyPassReverse    /       http://localhost:80/
+  RequestHeader       set X-Forwarded-Proto 'https'
+
+  SSLEngine on
+  SSLProtocol all -SSLv2
+  SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
+
+  SSLCertificateFile /etc/apache2/ssl/ssl.crt
+  SSLCertificateKeyFile /etc/apache2/ssl/ssl.key
+  SSLCertificateChainFile /etc/apache2/ssl/sub.class2.server.ca.pem
+  SSLCACertificateFile /etc/apache2/ssl/ca.pem
+
+  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+</VirtualHost>
author	Gareth Rees <gareth@mysociety.org>	2014-07-17 11:28:51 +0100
committer	Gareth Rees <gareth@mysociety.org>	2014-07-17 12:32:55 +0100
commit	ab1f215fe701a4dc8ae59465290ccc85d7650fef (patch)
tree	f75b0867a306993b0e7583c5d0ad65d1cbde05f3
parent	9fe90fb0fe2fa0aabd217700b071197f44c2adde (diff)