From: Oleg Broytman Date: Tue, 30 Jul 2019 16:14:26 +0000 (+0300) Subject: Fix(add-apache-vhost): Fix SSL files directives X-Git-Url: https://git.phdru.name/?a=commitdiff_plain;h=ee3b9ee58f8d7ce69577a878712cee3889fd0585;p=ansible.git Fix(add-apache-vhost): Fix SSL files directives The files are not created yet. Uncomment the directives when the files will be created by a certification authority (like LetsEncrypt and its client `dehydrated`). --- diff --git a/playbooks/debian/roles/add-apache-vhost/templates/vhost.conf b/playbooks/debian/roles/add-apache-vhost/templates/vhost.conf index f0defef..304b9b4 100644 --- a/playbooks/debian/roles/add-apache-vhost/templates/vhost.conf +++ b/playbooks/debian/roles/add-apache-vhost/templates/vhost.conf @@ -44,7 +44,7 @@ AddDefaultCharset utf-8 ProxyRequests Off -SSLEngine on +SSLEngine off #Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" #Header always set X-Content-Type-Options nosniff #Header always set X-Frame-Options DENY @@ -64,9 +64,9 @@ SSLProxyEngine off #SSLUseStapling on SSLVerifyClient none -SSLCACertificateFile /etc/apache2/ssl/CA.crt -SSLCertificateFile /etc/apache2/ssl/{{ virtual_host }}.crt -SSLCertificateKeyFile /etc/apache2/ssl/{{ virtual_host }}.key +#SSLCACertificateFile /etc/apache2/ssl/CA.crt +#SSLCertificateFile /etc/apache2/ssl/{{ virtual_host }}.crt +#SSLCertificateKeyFile /etc/apache2/ssl/{{ virtual_host }}.key SSLRequireSSL