summaryrefslogtreecommitdiffstats
path: root/debian/perl-framework/t/conf/http2.conf.in
diff options
context:
space:
mode:
Diffstat (limited to 'debian/perl-framework/t/conf/http2.conf.in')
-rw-r--r--debian/perl-framework/t/conf/http2.conf.in105
1 files changed, 105 insertions, 0 deletions
diff --git a/debian/perl-framework/t/conf/http2.conf.in b/debian/perl-framework/t/conf/http2.conf.in
new file mode 100644
index 0000000..2e6ca67
--- /dev/null
+++ b/debian/perl-framework/t/conf/http2.conf.in
@@ -0,0 +1,105 @@
+##
+## mod_http2 test config
+##
+
+<IfDefine APACHE2>
+ <IfModule http2_module>
+
+ LogLevel http2:debug
+
+ <VirtualHost h2c>
+ Protocols h2c http/1.1
+
+ <IfModule @CGI_MODULE@>
+ <Directory @SERVERROOT@/htdocs/modules/h2>
+ Options +ExecCGI
+ AddHandler cgi-script .pl
+
+ </Directory>
+ </IfModule>
+
+ <Location /modules/h2/hello.pl>
+ </Location>
+ <IfModule mod_rewrite.c>
+ RewriteEngine on
+ RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC]
+ </IfModule>
+
+ </VirtualHost>
+
+ <IfModule @ssl_module@>
+
+ <VirtualHost @SERVERNAME@:h2>
+ Protocols h2 http/1.1
+ H2Direct on
+
+ SSLEngine on
+ SSLCACertificateFile @SSLCA@/asf/certs/ca.crt
+ SSLCACertificatePath @ServerRoot@/conf/ssl
+ SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
+ SSLCARevocationCheck chain
+
+ # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
+ #
+ SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
+ SSLProtocol All -SSLv2 -SSLv3
+ SSLOptions +StdEnvVars
+
+ <IfVersion >= 2.4.18>
+ # need this off as long as we ran on old openssl
+ H2ModernTLSOnly off
+ </IfVersion>
+
+ <IfModule @CGI_MODULE@>
+ <Directory @SERVERROOT@/htdocs/modules/h2>
+ Options +ExecCGI
+ AddHandler cgi-script .pl
+ </Directory>
+ </IfModule>
+
+ <Location /modules/h2/hello.pl>
+ </Location>
+ <IfModule mod_rewrite.c>
+ RewriteEngine on
+ RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC]
+ </IfModule>
+
+ </VirtualHost>
+
+ <VirtualHost noh2.example.org:h2>
+ Protocols http/1.1
+ H2Direct off
+ </VirtualHost>
+
+ <VirtualHost test.example.org:h2>
+ Protocols h2 http/1.1
+ H2Direct on
+
+ SSLEngine on
+ SSLCACertificateFile @SSLCA@/asf/certs/ca.crt
+ SSLCACertificatePath @ServerRoot@/conf/ssl
+ SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl
+ SSLCARevocationCheck chain
+
+ # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
+ #
+ SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
+ SSLProtocol All -SSLv2 -SSLv3
+ SSLOptions +StdEnvVars
+
+ </VirtualHost>
+
+ <VirtualHost test2.example.org:h2>
+ Protocols http/1.1 h2
+ H2Direct on
+ </VirtualHost>
+
+ <VirtualHost test-ser.example.org:h2>
+ </VirtualHost>
+
+ </ifModule>
+
+ </IfModule>
+
+</IfDefine>
+