blob: 24cf51da3fb683950bb81403c658ab432e3ca123 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
Listen 443
Listen 8080
Listen 32100
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
<VirtualHost *:8080>
ServerAdmin httpserver-onap.org
ServerName httpserver-onap.org
DocumentRoot /usr/local/apache2/htdocs
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
SSLCertificateFile /usr/local/apache2/certs/keystore.pem
SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>
<VirtualHost *:443>
ServerAdmin httpserver-onap.org
ServerName httpserver-onap.org
DocumentRoot /usr/local/apache2/htdocs
<Directory "/usr/local/apache2/htdocs">
SSLVerifyClient optional
SSLVerifyDepth 2
SSLOptions +FakeBasicAuth +StrictRequire
<RequireAll>
Require ssl-verify-client
</RequireAll>
Options Indexes FollowSymLinks MultiViews
AuthType Basic
AuthName "Restricted Content"
AuthBasicProvider file
AuthUserFile /usr/local/apache2/conf/.htpasswd
Require valid-user
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
SSLCertificateFile /usr/local/apache2/certs/keystore.pem
SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>
<VirtualHost *:32100>
ServerAdmin httpserver-onap.org
ServerName httpserver-onap.org
DocumentRoot /usr/local/apache2/htdocs
AuthJWTSignatureAlgorithm HS256
AuthJWTSignatureSharedSecret Q0hBTkdFTUU=
AuthJWTIss onap
<Directory "/usr/local/apache2/htdocs">
AllowOverride None
Options Indexes FollowSymLinks MultiViews
AuthType jwt
AuthName "Restricted Content"
Require valid-user
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLCACertificateFile /usr/local/apache2/certs/truststore.pem
SSLCertificateFile /usr/local/apache2/certs/keystore.pem
SSLCertificateKeyFile /usr/local/apache2/certs/key.pem
</VirtualHost>
|
