1 files changed, 12 insertions, 15 deletions

diff --git a/sca-cpp/trunk/modules/http/proxy-ssl-conf b/sca-cpp/trunk/modules/http/proxy-ssl-conf
index bc1b63fc7d..fe7e6a5be6 100755
--- a/sca-cpp/trunk/modules/http/proxy-ssl-conf
+++ b/sca-cpp/trunk/modules/http/proxy-ssl-conf
@@ -21,17 +21,14 @@
 here=`readlink -f $0`; here=`dirname $here`
 root=`readlink -f $1`
 
-cat >>$root/conf/ssl-vhost.conf <<EOF
+cat >>$root/conf/vhost-ssl.conf <<EOF
 # Generated by: proxy-ssl-conf $*
-# Enable SSL proxy
-SSLProxyEngine on
-SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-
-# Configure proxy and balancer
+# Enable HTTPS proxy
 ProxyRequests Off
 ProxyPreserveHost On
 ProxyStatus On
 
+# Enable load balancing
 ProxyPass /balancer-manager !
 ProxyPass / balancer://sslcluster/
 
@@ -50,21 +47,21 @@ Allow from all
 Require user admin
 </Location> 
 
-EOF
+# Enable SSL proxy engine
+SSLProxyEngine on
+SSLProxyCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 
-cat >>$root/conf/ssl-svhost.conf <<EOF
-# Generated by: proxy-ssl-conf $*
-# Setup SSL proxy certificates
-SSLProxyCACertificateFile "$root/conf/ca.crt"
-SSLProxyMachineCertificateFile "$root/conf/server.pem"
+# Verify server certificates
+SSLProxyVerify require
+SSLProxyVerifyDepth 1
 
 EOF
 
-cat >>$root/conf/ssl-dvhost.conf <<EOF
+cat >>$root/conf/vhost-ssl.conf <<EOF
 # Generated by: proxy-ssl-conf $*
-# Setup SSL proxy certificates
+# Declare the proxy SSL client certificates
 SSLProxyCACertificateFile "$root/conf/ca.crt"
-SSLProxyMachineCertificateFile "$root/conf/server.pem"
+SSLProxyMachineCertificateFile "$root/conf/proxy.pem"
 
 EOF