You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Yehuda Katz <ye...@ymkatz.net> on 2016/03/04 07:41:46 UTC

Re: [users@httpd]

Debian includes the files in /etc/apache2/mods-enabled, not mods-available.
If mods-enabled/ssl.conf is a symlink to mods-available/ssl.conf, it will
be included in apache2.conf.
You haven't specified which version of Debian or Apache you use, but in
Apache 2.4, the line in apache2.conf looks like this:
IncludeOptional mods-enabled/*.conf

As far as which config takes precedence, it isn't so simple. Have a look at
the manual here: http://httpd.apache.org/docs/2.4/sections.html#merging

- Y

On Thu, Mar 3, 2016 at 5:31 PM, schnappiwololo@yahoo.com.INVALID <
schnappiwololo@yahoo.com.invalid> wrote:

> Hello All,
>
> Apache options like "SSLProtocol", "SSLCipherSuite", and
> "HonorCipherOrder" among others can be put in both
> /etc/apache2/apache2.conf (Debian based) or
> etc/apache2/mods-available/ssl.conf (or even the virtual host configuration
> file).
>
> Which location should these server wide SSL settings be
> optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and
> more importantly if the settings conflict in these two files/ locations
> which setting/file takes precedence?
>
> Thanks.
>

Re: [users@httpd]

Posted by Luca Toscano <to...@gmail.com>.

Hello!

2016-03-04 9:30 GMT+01:00 Daniel <df...@gmail.com>:

> Files where directives are defined do not matter at all, what matters is
> the "Context" in which they are placed, that is server config, virtualhost,
> directory, etc, If you look at the official docs all directives have a
> specific context in which they can be used.
>

Adding some details about what Daniel was referring to:
http://httpd.apache.org/docs/2.4/sections.html



> On Thu, Mar 3, 2016 at 5:31 PM, schnappiwololo@yahoo.com.INVALID <
>> schnappiwololo@yahoo.com.invalid> wrote:
>>>
>>>
>>> Apache options like "SSLProtocol", "SSLCipherSuite", and
>>> "HonorCipherOrder" among others can be put in both
>>> /etc/apache2/apache2.conf (Debian based) or
>>> etc/apache2/mods-available/ssl.conf (or even the virtual host configuration
>>> file).
>>>
>>> Which location should these server wide SSL settings be
>>> optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and
>>> more importantly if the settings conflict in these two files/ locations
>>> which setting/file takes precedence?
>>>
>>>
My personal view: I would place them only where they are needed (i.e. if
you have only one Virtual host listening on port 443 with all the SSL
directives in there). For the precedence question, please check the above
link!

Hope that makes sense!

Luca

Re: [users@httpd]

Posted by Daniel <df...@gmail.com>.

Files where directives are defined do not matter at all, what matters is
the "Context" in which they are placed, that is server config, virtualhost,
directory, etc, If you look at the official docs all directives have a
specific context in which they can be used.

El vie., 4 de mar. de 2016 7:42, Yehuda Katz <ye...@ymkatz.net> escribió:

> Debian includes the files in /etc/apache2/mods-enabled, not
> mods-available. If mods-enabled/ssl.conf is a symlink to
> mods-available/ssl.conf, it will be included in apache2.conf.
> You haven't specified which version of Debian or Apache you use, but in
> Apache 2.4, the line in apache2.conf looks like this:
> IncludeOptional mods-enabled/*.conf
>
> As far as which config takes precedence, it isn't so simple. Have a look
> at the manual here: http://httpd.apache.org/docs/2.4/sections.html#merging
>
> - Y
>
> On Thu, Mar 3, 2016 at 5:31 PM, schnappiwololo@yahoo.com.INVALID <
> schnappiwololo@yahoo.com.invalid> wrote:
>
>> Hello All,
>>
>> Apache options like "SSLProtocol", "SSLCipherSuite", and
>> "HonorCipherOrder" among others can be put in both
>> /etc/apache2/apache2.conf (Debian based) or
>> etc/apache2/mods-available/ssl.conf (or even the virtual host configuration
>> file).
>>
>> Which location should these server wide SSL settings be
>> optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and
>> more importantly if the settings conflict in these two files/ locations
>> which setting/file takes precedence?
>>
>> Thanks.
>>
>
>