Opened 10 years ago

Closed 10 years ago

#14 closed defect (fixed)

Allow for configuration of parameters globally

Reported by: Daniel Kahn Gillmor Owned by: Daniel Kahn Gillmor
Priority: major Component: code
Version: 5.10 Keywords: config


imported from mantis, benbe wrote:

It'd be nice if you could configure some parts like Cipher Priority, Certificate Chain File (yeah, that one makes sense), maybe even default Certificate (if you've got a wildcard which can be used as fallback), GnuTLS-based Auth Params, ... in the global Apache Configuration and get those values as a default if they aren't present in the actual VHost configuration.
Additional Information Take this sample configuration:

GnuTLSCertChain /etc/ssl/all_my_certs_chain.pem

GnuTLS on
GnuTLSKeyFile /etc/ssl/mycert1.key
GnuTLSCertFile /etc/ssl/mycert1.pem
GnuTLS on
GnuTLSKeyFile /etc/ssl/mycert2.key
GnuTLSCertFile /etc/ssl/mycert2.pem

Both VHosts should now be using the set priority string and send /etc/ssl/all_my_certs_chain.pem as their key chain (plus their actual certificate as the leaf).

Change History (1)

comment:1 Changed 10 years ago by Daniel Kahn Gillmor

Resolution: fixed
Status: newclosed

this is fixed in trunk.

Note: See TracTickets for help on using tickets.