|
|
|
@ -391,6 +391,14 @@ server.upload-dirs = ( "/var/tmp" )
|
|
|
|
|
## hosting with SSL. If you want to run multiple SSL servers with |
|
|
|
|
## one lighttpd instance you must use IP-based virtual hosting: :: |
|
|
|
|
## |
|
|
|
|
## Mitigate CVE-2009-3555 by disabling client triggered renegotation |
|
|
|
|
## This is enabled by default. |
|
|
|
|
## |
|
|
|
|
## IMPORTANT: this setting can only be used in the global scope. |
|
|
|
|
## It does *not* work inside conditionals |
|
|
|
|
## |
|
|
|
|
# ssl.disable-client-renegotiation = "enable" |
|
|
|
|
## |
|
|
|
|
## $SERVER["socket"] == "10.0.0.1:443" { |
|
|
|
|
## ssl.engine = "enable" |
|
|
|
|
## ssl.pemfile = "/etc/ssl/private/www.example.com.pem" |
|
|
|
@ -408,11 +416,6 @@ server.upload-dirs = ( "/var/tmp" )
|
|
|
|
|
## # |
|
|
|
|
## # ssl.honor-cipher-order = "enable" |
|
|
|
|
## # |
|
|
|
|
## # Mitigate CVE-2009-3555 by disabling client triggered renegotation |
|
|
|
|
## # This is enabled by default. |
|
|
|
|
## # |
|
|
|
|
## # ssl.disable-client-renegotiation = "enable" |
|
|
|
|
## # |
|
|
|
|
## server.name = "www.example.com" |
|
|
|
|
## |
|
|
|
|
## server.document-root = "/srv/www/vhosts/example.com/www/" |
|
|
|
|