diff options
Diffstat (limited to '')
-rwxr-xr-x | sca-cpp/trunk/modules/http/proxy-ssl-conf | 27 |
1 files changed, 12 insertions, 15 deletions
diff --git a/sca-cpp/trunk/modules/http/proxy-ssl-conf b/sca-cpp/trunk/modules/http/proxy-ssl-conf index bc1b63fc7d..fe7e6a5be6 100755 --- a/sca-cpp/trunk/modules/http/proxy-ssl-conf +++ b/sca-cpp/trunk/modules/http/proxy-ssl-conf @@ -21,17 +21,14 @@ here=`readlink -f $0`; here=`dirname $here` root=`readlink -f $1` -cat >>$root/conf/ssl-vhost.conf <<EOF +cat >>$root/conf/vhost-ssl.conf <<EOF # Generated by: proxy-ssl-conf $* -# Enable SSL proxy -SSLProxyEngine on -SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - -# Configure proxy and balancer +# Enable HTTPS proxy ProxyRequests Off ProxyPreserveHost On ProxyStatus On +# Enable load balancing ProxyPass /balancer-manager ! ProxyPass / balancer://sslcluster/ @@ -50,21 +47,21 @@ Allow from all Require user admin </Location> -EOF +# Enable SSL proxy engine +SSLProxyEngine on +SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL -cat >>$root/conf/ssl-svhost.conf <<EOF -# Generated by: proxy-ssl-conf $* -# Setup SSL proxy certificates -SSLProxyCACertificateFile "$root/conf/ca.crt" -SSLProxyMachineCertificateFile "$root/conf/server.pem" +# Verify server certificates +SSLProxyVerify require +SSLProxyVerifyDepth 1 EOF -cat >>$root/conf/ssl-dvhost.conf <<EOF +cat >>$root/conf/vhost-ssl.conf <<EOF # Generated by: proxy-ssl-conf $* -# Setup SSL proxy certificates +# Declare the proxy SSL client certificates SSLProxyCACertificateFile "$root/conf/ca.crt" -SSLProxyMachineCertificateFile "$root/conf/server.pem" +SSLProxyMachineCertificateFile "$root/conf/proxy.pem" EOF |