diff options
Diffstat (limited to 'sca-cpp/trunk/modules/http/httpd-ssl-conf')
| -rwxr-xr-x | sca-cpp/trunk/modules/http/httpd-ssl-conf | 26 |
1 files changed, 11 insertions, 15 deletions
diff --git a/sca-cpp/trunk/modules/http/httpd-ssl-conf b/sca-cpp/trunk/modules/http/httpd-ssl-conf index 3cb90d61e0..f99a10071c 100755 --- a/sca-cpp/trunk/modules/http/httpd-ssl-conf +++ b/sca-cpp/trunk/modules/http/httpd-ssl-conf @@ -43,6 +43,15 @@ htdocs=`echo $conf | awk '{ print $8 }'` mkdir -p $htdocs htdocs=`echo "import os; print os.path.realpath('$htdocs')" | python` +uname=`uname -s` +if [ $uname = "Darwin" ]; then + libsuffix=".dylib" +else + libsuffix=".so" +fi + +modules_prefix=`cat $here/httpd-modules.prefix` + # Extract organization name from our CA certificate org=`openssl x509 -noout -subject -nameopt multiline -in $root/cert/ca.crt | grep organizationName | awk -F "= " '{ print $2 }'` @@ -69,7 +78,7 @@ ServerName https://$host$sslpportsuffix <Location /> RewriteEngine on -RewriteCond %{HTTP_HOST} !^$host [NC] +Include conf/hostcond.conf RewriteCond %{HTTP:X-Forwarded-Server} ^$ [NC] RewriteCond %{REQUEST_URI} !^/server-status [NC] RewriteCond %{REQUEST_URI} !^/balancer-manager [NC] @@ -176,7 +185,7 @@ Include conf/log-ssl.conf # Enable HTTPS reverse proxy ProxyRequests Off -ProxyPreserveHost Off +ProxyPreserveHost On ProxyStatus On SSLProxyEngine on SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL @@ -222,11 +231,6 @@ CustomLog $root/logs/ssl_access_log sslcombined EOF # Configure virtual hosts -proxycert="server" -if [ "$proxyconf" != "" ]; then - proxycert="proxy" -fi - cat >$root/conf/svhost-ssl.conf <<EOF # Generated by: httpd-ssl-conf $* # Static virtual host configuration @@ -238,10 +242,6 @@ SSLCertificateChainFile "$root/cert/ca.crt" SSLCertificateFile "$root/cert/server.crt" SSLCertificateKeyFile "$root/cert/server.key" -# Declare proxy SSL client certificates -SSLProxyCACertificateFile "$root/cert/ca.crt" -SSLProxyMachineCertificateFile "$root/cert/$proxycert.pem" - EOF cat >$root/conf/dvhost-ssl.conf <<EOF @@ -255,9 +255,5 @@ SSLCertificateChainFile "$root/cert/ca.crt" SSLCertificateFile "$root/cert/vhost.crt" SSLCertificateKeyFile "$root/cert/vhost.key" -# Declare proxy SSL client certificates -SSLProxyCACertificateFile "$root/cert/ca.crt" -SSLProxyMachineCertificateFile "$root/cert/$proxycert.pem" - EOF |