diff options
Diffstat (limited to 'debian/perl-framework/t/conf/http2.conf.in')
-rw-r--r-- | debian/perl-framework/t/conf/http2.conf.in | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/debian/perl-framework/t/conf/http2.conf.in b/debian/perl-framework/t/conf/http2.conf.in new file mode 100644 index 0000000..2e6ca67 --- /dev/null +++ b/debian/perl-framework/t/conf/http2.conf.in @@ -0,0 +1,105 @@ +## +## mod_http2 test config +## + +<IfDefine APACHE2> + <IfModule http2_module> + + LogLevel http2:debug + + <VirtualHost h2c> + Protocols h2c http/1.1 + + <IfModule @CGI_MODULE@> + <Directory @SERVERROOT@/htdocs/modules/h2> + Options +ExecCGI + AddHandler cgi-script .pl + + </Directory> + </IfModule> + + <Location /modules/h2/hello.pl> + </Location> + <IfModule mod_rewrite.c> + RewriteEngine on + RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC] + </IfModule> + + </VirtualHost> + + <IfModule @ssl_module@> + + <VirtualHost @SERVERNAME@:h2> + Protocols h2 http/1.1 + H2Direct on + + SSLEngine on + SSLCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLCACertificatePath @ServerRoot@/conf/ssl + SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl + SSLCARevocationCheck chain + + # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + # + SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK + SSLProtocol All -SSLv2 -SSLv3 + SSLOptions +StdEnvVars + + <IfVersion >= 2.4.18> + # need this off as long as we ran on old openssl + H2ModernTLSOnly off + </IfVersion> + + <IfModule @CGI_MODULE@> + <Directory @SERVERROOT@/htdocs/modules/h2> + Options +ExecCGI + AddHandler cgi-script .pl + </Directory> + </IfModule> + + <Location /modules/h2/hello.pl> + </Location> + <IfModule mod_rewrite.c> + RewriteEngine on + RewriteRule ^/modules/h2/latest.tar.gz$ /modules/h2/xxx-1.0.2a.tar.gz [R=302,NC] + </IfModule> + + </VirtualHost> + + <VirtualHost noh2.example.org:h2> + Protocols http/1.1 + H2Direct off + </VirtualHost> + + <VirtualHost test.example.org:h2> + Protocols h2 http/1.1 + H2Direct on + + SSLEngine on + SSLCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLCACertificatePath @ServerRoot@/conf/ssl + SSLCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl + SSLCARevocationCheck chain + + # taken from https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations + # + SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK + SSLProtocol All -SSLv2 -SSLv3 + SSLOptions +StdEnvVars + + </VirtualHost> + + <VirtualHost test2.example.org:h2> + Protocols http/1.1 h2 + H2Direct on + </VirtualHost> + + <VirtualHost test-ser.example.org:h2> + </VirtualHost> + + </ifModule> + + </IfModule> + +</IfDefine> + |