ServerName mariantonia.prceu.usp.br ServerAlias www.mariantonia.prceu.usp.br ServerAlias https://www.mariantonia.prceu.usp.br ServerAlias https://mariantonia.prceu.usp.br ServerAlias https:/www.mariantonia.prceu.usp.br:443 ServerAlias https://mariantonia.prceu.usp.br:443 ServerAdmin imprensama@usp.br DocumentRoot /dados/mariantonia # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. LogLevel error ssl:warn ErrorLog ${APACHE_LOG_DIR}/error-ssl.log CustomLog ${APACHE_LOG_DIR}/access-ssl.log combined #Include conf-available/serve-cgi-bin.conf # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on SSLUseStapling off SSLCertificateFile /etc/letsencrypt/live/mariantonia.prceu.usp.br/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mariantonia.prceu.usp.br/privkey.pem SSLCACertificatePath /etc/letsencrypt/archive/mariantonia.prceu.usp.br SSLCACertificateFile /etc/letsencrypt/live/mariantonia.prceu.usp.br/chain.pem # SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem # SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key # Server Certificate Chain: #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt # Certificate Authority (CA): #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt #SSLCARevocationPath /etc/apache2/ssl.crl/ #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl #SSLVerifyClient require #SSLVerifyDepth 10 #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLOptions +StdEnvVars SSLOptions +StdEnvVars BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 Options Indexes FollowSymLinks AllowOverride None Options -Indexes +FollowSymLinks AllowOverride Limit Options FileInfo Require all granted Options +FollowSymLinks Require all granted SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 SSLHonorCipherOrder off # vim: syntax=apache ts=4 sw=4 sts=4 sr noet