From c9cf025fadfe043f0f2f679e10d1207d8a158bb6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:01:31 +0200 Subject: Adding debian version 2.4.57-2. Signed-off-by: Daniel Baumann --- debian/perl-framework/t/conf/ssl/proxyssl.conf.in | 124 ++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 debian/perl-framework/t/conf/ssl/proxyssl.conf.in (limited to 'debian/perl-framework/t/conf/ssl/proxyssl.conf.in') diff --git a/debian/perl-framework/t/conf/ssl/proxyssl.conf.in b/debian/perl-framework/t/conf/ssl/proxyssl.conf.in new file mode 100644 index 0000000..3c86c13 --- /dev/null +++ b/debian/perl-framework/t/conf/ssl/proxyssl.conf.in @@ -0,0 +1,124 @@ + + + + + #here we can test http <-> https + + #these are not on by default in the 1.x based mod_ssl + + SSLProxyEngine On + + SSLProxyProtocol All + SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem + #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy + + SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLProxyCACertificatePath @ServerRoot@/conf/ssl + SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl + = 2.3.15> + SSLProxyCARevocationCheck chain + + SSLProxyVerify on + SSLProxyVerifyDepth 10 + + + + ProxyPass / https://@proxyssl_url@/ + ProxyPassReverse / https://@proxyssl_url@/ + + + + #here we can test https <-> https + + SSLEngine on + + #these are not on by default in the 1.x based mod_ssl + + SSLProxyEngine On + # ensure that client_ok.pem is picked first: + SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem + SSLProxyMachineCertificatePath @SSLCA@/asf/proxy + SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLProxyVerify on + SSLProxyCARevocationPath @SSLCA@/asf/crl + = 2.3.15> + SSLProxyCARevocationCheck chain + + + + + ProxyPass / https://@proxyssl_url@/ + ProxyPassReverse / https://@proxyssl_url@/ + + + #here we can test http <-> https using SSLProxyMachine* inside + + #these are not on by default in the 1.x based mod_ssl + + SSLProxyEngine On + + SSLProxyProtocol All + SSLProxyCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLProxyCACertificatePath @ServerRoot@/conf/ssl + SSLProxyCARevocationFile @SSLCA@/asf/crl/ca-bundle.crl + = 2.3.15> + SSLProxyCARevocationCheck chain + + SSLProxyVerify on + SSLProxyVerifyDepth 10 + + + + ProxyPass / https://@proxyssl_url@/ + ProxyPassReverse / https://@proxyssl_url@/ + + + SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem + #SSLProxyMachineCertificatePath @SSLCA@/asf/proxy + + + + + + #here we can test https <-> https using SSLProxyMachine* inside + + SSLEngine on + + #these are not on by default in the 1.x based mod_ssl + + SSLProxyEngine On + SSLProxyCACertificateFile @SSLCA@/asf/certs/ca.crt + SSLProxyVerify on + SSLProxyCARevocationPath @SSLCA@/asf/crl + = 2.3.15> + SSLProxyCARevocationCheck chain + + + + + ProxyPass / https://@proxyssl_url@/ + ProxyPassReverse / https://@proxyssl_url@/ + + + # ensure that client_ok.pem is picked first: + SSLProxyMachineCertificateFile @SSLCA@/asf/proxy/client_ok.pem + SSLProxyMachineCertificatePath @SSLCA@/asf/proxy + + + + + #here we can test https <-> http + + SSLEngine on + + ProxyPass / http://@servername@:@port@/ + ProxyPassReverse / http://@servername@:@port@/ + + + + + -- cgit v1.2.3