Listen 443
Listen 8080
Listen 32100

SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog  builtin

SSLSessionCache        "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  300

<VirtualHost *:8080>
	ServerAdmin httpserver-onap.org
	ServerName  httpserver-onap.org

	DocumentRoot /usr/local/apache2/htdocs

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	SSLEngine on
	SSLProtocol -all +TLSv1.2
	SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
    SSLHonorCipherOrder off
	SSLSessionTickets off

	SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
    SSLCertificateFile /usr/local/apache2/certs/keystore.pem
    SSLCertificateKeyFile /usr/local/apache2/certs/key.pem

</VirtualHost>

<VirtualHost *:443>

    ServerAdmin httpserver-onap.org
	ServerName httpserver-onap.org

	DocumentRoot /usr/local/apache2/htdocs
	<Directory "/usr/local/apache2/htdocs">
        SSLVerifyClient optional
		SSLVerifyDepth 2
		SSLOptions +FakeBasicAuth +StrictRequire
		<RequireAll>
            Require ssl-verify-client
        </RequireAll>
        Options Indexes FollowSymLinks MultiViews
        AuthType Basic
	    AuthName "Restricted Content"
		AuthBasicProvider file
        AuthUserFile /usr/local/apache2/conf/.htpasswd
        Require valid-user
    </Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	SSLEngine on
	SSLProtocol -all +TLSv1.2
	SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
   	SSLHonorCipherOrder off
    SSLSessionTickets off

    SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
    SSLCertificateFile /usr/local/apache2/certs/keystore.pem
    SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>
<VirtualHost *:32100>

	ServerAdmin httpserver-onap.org
    ServerName httpserver-onap.org

    DocumentRoot /usr/local/apache2/htdocs
	AuthJWTSignatureAlgorithm HS256
	AuthJWTSignatureSharedSecret Q0hBTkdFTUU=
    AuthJWTIss onap
	<Directory "/usr/local/apache2/htdocs">
        AllowOverride None
        Options Indexes FollowSymLinks MultiViews
        AuthType jwt
        AuthName "Restricted Content"
        Require valid-user
        RewriteEngine On
        RewriteCond %{HTTP:Authorization} ^(.*)
        RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
    </Directory>

	ErrorLog ${APACHE_LOG_DIR}/error.log
	CustomLog ${APACHE_LOG_DIR}/access.log combined

	SSLEngine on
	SSLProtocol -all +TLSv1.2
	SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
   	SSLHonorCipherOrder off
    SSLSessionTickets off

	SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
    SSLCertificateFile /usr/local/apache2/certs/keystore.pem
    SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>