ServerName # set to host name or ip address # modify these two lines to match your application set up ProxyPass / http://localhost:8080/ ProxyPassReverse / Http://localhost:8080/ ProxyPreserveHost On ServerAdmin webmaster@localhost # DocumentRoot /var/www/html # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn LogLevel ssl:debug ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on SSLProxyEngine On # LogLevel debug # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/apache2/ssl/vtn_rsa_cert.der SSLCertificateKeyFile /etc/apache2/ssl/vtn_rsa_key.der SSLCertificateFile /etc/apache2/ssl/vtn_ecc_cert.der SSLCertificateKeyFile /etc/apache2/ssl/vtn_ecc_key.der # Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. SSLCACertificateFile /etc/apache2/ssl/cacert.pem RequestHeader add HTTPS %{HTTPS}s SSLCipherSuite AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:AES128-SHA SSLVerifyClient require SSLVerifyDepth 10 RequestHeader add SSL_CLIENT_S_DN_CN %{SSL_CLIENT_S_DN_CN}s RequestHeader set SSL_CLIENT_VERIFY %{SSL_CLIENT_VERIFY}s # vim: syntax=apache ts=4 sw=4 sts=4 sr noet