Listen 80
Listen 443
#<Location /server-status>
    #SetHandler server-status
    #Order deny,allow
    #Deny from all
    #Allow from .your_domain.com
#</Location>
#<Location /server-info>
    #SetHandler server-info
    #Order deny,allow
    #Deny from all
    #Allow from .your_domain.com
#</Location>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
SSLPassPhraseDialog  builtin
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLSessionCache		dbm:/var/run/ssl_scache
SSLSessionCacheTimeout	300
SSLMutex		file:/var/run/ssl_mutex
SSLLog			/var/log/http-engine
SSLLogLevel		info
<VirtualHost _default_:443>
    DocumentRoot		/www/data
    #ServerAdmin		some@host
    #ServerName			some.host
    ErrorLog			/var/log/http-error
    TransferLog 		/var/log/http-access
    SSLEngine			on
    SSLCipherSuite		ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2
    SSLCertificateFile		/etc/apache/ssl.crt/server.crt
    #SSLCertificateFile		/etc/apache/ssl.crt/server-dsa.crt
    SSLCertificateKeyFile	/etc/apache/ssl.key/server.key
    #SSLCertificateKeyFile	/etc/apache/ssl.key/server-dsa.key
    #SSLCertificateChainFile	/etc/apache/ssl.crt/ca.crt
    #SSLCACertificatePath	/etc/apache/ssl.crt
    #SSLCACertificateFile	/etc/apache/ssl.crt/ca-bundle.crt
    #SSLCARevocationPath	/etc/apache/ssl.crl
    #SSLCARevocationFile	/etc/apache/ssl.crl/ca-bundle.crl
    #SSLVerifyClient		require
    #SSLVerifyDepth		10
    #<Location />
    #SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
    #            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
    #            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
    #            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
    #            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
    #           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
    #</Location>
    #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    </Files>
    <Directory /www/bin>
        SSLOptions +StdEnvVars
    </Directory>
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    CustomLog /var/log/http-request "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
