Apache HTTP Server/mod gnutls
< Apache HTTP ServerJump to navigation Jump to search
Revision as of 07:13, 29 November 2014 by MichaelRpdx (Updates to reflect AUR upgrade to v0.6. eg, replace 404 web links with current...)
- It is similar to mod_ssl in purpose, but it supports some features and protocols that mod_ssl does not, and it does not use OpenSSL.
Install Arch User Repository.AUR, available in the
- Add these lines to
LoadModule gnutls_module modules/mod_gnutls.so Include conf/extra/httpd-gnutls.conf
- Make sure that the following line is commented in
- Make sure no vhost definitions include mod_ssl
- Create the file
/etc/httpd/conf/extra/httpd-gnutls.confwith the following content:
Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl GnuTLSCache dbm "/var/run/httpd/gnutls_scache" GnuTLSCacheTimeout 600 <VirtualHost _default_:443> DocumentRoot "/srv/http" ServerName www.example.org ServerAdmin firstname.lastname@example.org ErrorLog "/var/log/httpd/error_log" TransferLog "/var/log/httpd/access_log" GnuTLSEnable on GnuTLSPriorities NORMAL GNUTLSExportCertificates on GnuTLSCertificateFile /path/to/certificate/domain.tld.crt GnuTLSKeyFile /path/to/certificate/domain.tld.key </VirtualHost>
- Restart httpd (see Daemon).
- Check that Apache loaded correctly and answers on port 443.
Additional documentation of configuration directives is on the outoforder.cc mod_gnutls documentation page.
You can test or verify your https configuration via SSL Labs analyze tool.
None known as of November 2014