Description:	Option to enable support for insecure renegotiation
Syntax:	`SSLInsecureRenegotiation flag`
Context:	server config, virtual host
Status:	Extension
Module:	mod_ssl
Compatibility:	Available in httpd 2.3 and later, if using OpenSSL 1.0.0 Beta 5 or later

SSLOCSPDefaultResponder Directive

Modified: httpd/httpd/trunk/docs/manual/mod/quickreference.html.en URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/quickreference.html.en?rev=906077&r1=906076&r2=906077&view=diff ============================================================================== --- httpd/httpd/trunk/docs/manual/mod/quickreference.html.en (original) +++ httpd/httpd/trunk/docs/manual/mod/quickreference.html.en Wed Feb 3 14:59:03 2010 @@ -770,101 +770,102 @@ - - - - - + + + + + - - + - - - - - - - - - - - - + + + + + - - - + - - - - - - - + + - - - - - + + + + - - + - - - - - - - + + + + - - - - + - - - - + + - - + - - - - -

Description:	Set the default responder URI for OCSP validation
SSLCryptoDevice engine	builtin	s	E
Enable use of a cryptographic hardware accelerator
SSLEngine on\|off\|optional	off	sv	E
SSL Engine Operation Switch
SSLHonorCiperOrder flag		sv	E
Option to prefer the server's cipher preference order
SSLOCSDefaultResponder uri		sv	E
Set the default responder URI for OCSP validation
SSLOCSPEnable flag		sv	E
Enable OCSP validation of the client certificate chain
SSLOCSPOverrideResponder flag		sv	E
Force use of the default responder URI for OCSP validation
SSLOptions [+\|-]option ...		svdh	E
Configure various SSL engine run-time options
SSLPassPhraseDialog type	builtin	s	E
Type of pass phrase dialog for encrypted private +
SSLInsecureRenegotiation flag		sv	E
Option to enable support for insecure renegotiation
SSLOCSDefaultResponder uri		sv	E
Set the default responder URI for OCSP validation
SSLOCSPEnable flag		sv	E
Enable OCSP validation of the client certificate chain
SSLOCSPOverrideResponder flag		sv	E
Force use of the default responder URI for OCSP validation
SSLOptions [+\|-]option ...		svdh	E
Configure various SSL engine run-time options
SSLPassPhraseDialog type	builtin	s	E
Type of pass phrase dialog for encrypted private keys
SSLProtocol [+\|-]protocol ...	all	sv	E
Configure usable SSL protocol versions
SSLProxyCACertificateFile file-path		sv	E
File of concatenated PEM-encoded CA Certificates +
SSLProtocol [+\|-]protocol ...	all	sv	E
Configure usable SSL protocol versions
SSLProxyCACertificateFile file-path		sv	E
File of concatenated PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCACertificatePath directory-path		sv	E
Directory of PEM-encoded CA Certificates for +
SSLProxyCACertificatePath directory-path		sv	E
Directory of PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCARevocationFile file-path		sv	E
File of concatenated PEM-encoded CA CRLs for +
SSLProxyCARevocationFile file-path		sv	E
File of concatenated PEM-encoded CA CRLs for Remote Server Auth
SSLProxyCARevocationPath directory-path		sv	E
Directory of PEM-encoded CA CRLs for +
SSLProxyCARevocationPath directory-path		sv	E
Directory of PEM-encoded CA CRLs for Remote Server Auth
SSLProxyCheckPeerCN on\|off	on	sv	E
Whether to check the remote server certificates CN field +
SSLProxyCheckPeerCN on\|off	on	sv	E
Whether to check the remote server certificates CN field
SSLProxyCheckPeerExpire on\|off	on	sv	E
Whether to check if remote server certificate is expired +
SSLProxyCheckPeerExpire on\|off	on	sv	E
Whether to check if remote server certificate is expired
SSLProxyCipherSuite cipher-spec	ALL:!ADH:RC4+RSA:+H +	svdh	E
Cipher Suite available for negotiation in SSL +
SSLProxyCipherSuite cipher-spec	ALL:!ADH:RC4+RSA:+H +	svdh	E
Cipher Suite available for negotiation in SSL proxy handshake
SSLProxyEngine on\|off	off	sv	E
SSL Proxy Engine Operation Switch
SSLProxyMachineCertificateFile filename		s	E
File of concatenated PEM-encoded client certificates and keys to be used by the proxy
SSLProxyMachineCertificatePath directory		s	E
Directory of PEM-encoded client certificates and keys to be used by the proxy
SSLProxyProtocol [+\|-]protocol ...	all	sv	E
Configure usable SSL protocol flavors for proxy usage
SSLProxyVerify level	none	svdh	E
Type of remote server Certificate verification
SSLProxyVerifyDepth number	1	svdh	E
Maximum depth of CA Certificates in Remote Server +
SSLProxyEngine on\|off	off	sv	E
SSL Proxy Engine Operation Switch
SSLProxyMachineCertificateFile filename		s	E
File of concatenated PEM-encoded client certificates and keys to be used by the proxy
SSLProxyMachineCertificatePath directory		s	E
Directory of PEM-encoded client certificates and keys to be used by the proxy
SSLProxyProtocol [+\|-]protocol ...	all	sv	E
Configure usable SSL protocol flavors for proxy usage
SSLProxyVerify level	none	svdh	E
Type of remote server Certificate verification
SSLProxyVerifyDepth number	1	svdh	E
Maximum depth of CA Certificates in Remote Server Certificate verification
SSLRandomSeed context source -[bytes]		s	E
Pseudo Random Number Generator (PRNG) seeding +
SSLRandomSeed context source +[bytes]		s	E
Pseudo Random Number Generator (PRNG) seeding source
SSLRenegBufferSize `bytes`	131072	dh	E
Set the size for the SSL renegotiation buffer
SSLRequire expression		dh	E
Allow access only when an arbitrarily complex +
SSLRenegBufferSize `bytes`	131072	dh	E
Set the size for the SSL renegotiation buffer
SSLRequire expression		dh	E
Allow access only when an arbitrarily complex boolean expression is true
SSLRequireSSL		dh	E
Deny access when SSL is not used for the +
SSLRequireSSL		dh	E
Deny access when SSL is not used for the HTTP request
SSLSessionCache type	none	s	E
Type of the global/inter-process SSL Session +
SSLSessionCache type	none	s	E
Type of the global/inter-process SSL Session Cache
SSLSessionCacheTimeout seconds	300	sv	E
Number of seconds before an SSL session expires +
SSLSessionCacheTimeout seconds	300	sv	E
Number of seconds before an SSL session expires in the Session Cache
SSLStrictSNIVHostCheck on\|off	off	sv	E
Whether to allow non SNI clients to access a name based virtual +
SSLStrictSNIVHostCheck on\|off	off	sv	E
Whether to allow non SNI clients to access a name based virtual host.
SSLUserName varname		sdh	E
Variable name to determine user name
SSLVerifyClient level	none	svdh	E
Type of Client Certificate verification
SSLVerifyDepth number	1	svdh	E
Maximum depth of CA Certificates in Client +
SSLUserName varname		sdh	E
Variable name to determine user name
SSLVerifyClient level	none	svdh	E
Type of Client Certificate verification
SSLVerifyDepth number	1	svdh	E
Maximum depth of CA Certificates in Client Certificate verification
StartServers `number`		s	M
Number of child server processes created at startup
StartThreads `number`		s	M
Number of threads created on startup
Substitute `s/pattern/substitution/[infq]`		dh	X
Pattern to filter the response content
SuexecUserGroup User Group		sv	E
User and group for CGI programs to run as
ThreadLimit `number`		s	M
Sets the upper limit on the configurable number of threads +
StartServers `number`		s	M
Number of child server processes created at startup
StartThreads `number`		s	M
Number of threads created on startup
Substitute `s/pattern/substitution/[infq]`		dh	X
Pattern to filter the response content
SuexecUserGroup User Group		sv	E
User and group for CGI programs to run as
ThreadLimit `number`		s	M
Sets the upper limit on the configurable number of threads per child process
ThreadsPerChild `number`		s	M
Number of threads created by each child process
ThreadStackSize `size`		s	M
The size in bytes of the stack used by threads handling +
ThreadsPerChild `number`		s	M
Number of threads created by each child process
ThreadStackSize `size`		s	M
The size in bytes of the stack used by threads handling client connections
TimeOut `seconds`	300	sv	C
Amount of time the server will wait for +
TimeOut `seconds`	300	sv	C
Amount of time the server will wait for certain events before failing a request
TraceEnable `[on\|off\|extended]`	on	s	C
Determines the behaviour on `TRACE` +
TraceEnable `[on\|off\|extended]`	on	s	C
Determines the behaviour on `TRACE` requests
TransferLog `file`\|`pipe`		sv	B
Specify location of a log file
TypesConfig `file-path`	conf/mime.types	s	B
The location of the `mime.types` file
UnDefine `parameter-name`		s	C
Undefine the existence of a variable
UnsetEnv `env-variable` [`env-variable`] -...		svdh	B
Removes variables from the environment
UseCanonicalName On\|Off\|DNS	Off	svd	C
Configures how the server determines its own name and +
TransferLog `file`\|`pipe`		sv	B
Specify location of a log file
TypesConfig `file-path`	conf/mime.types	s	B
The location of the `mime.types` file
UnDefine `parameter-name`		s	C
Undefine the existence of a variable
UnsetEnv `env-variable` [`env-variable`] +...		svdh	B
Removes variables from the environment
UseCanonicalName On\|Off\|DNS	Off	svd	C
Configures how the server determines its own name and port
UseCanonicalPhysicalPort On\|Off	Off	svd	C
Configures how the server determines its own name and +
UseCanonicalPhysicalPort On\|Off	Off	svd	C
Configures how the server determines its own name and port
User `unix-userid`	#-1	s	B
The userid under which the server will answer +
User `unix-userid`	#-1	s	B
The userid under which the server will answer requests
UserDir directory-filename [directory-filename] ... -		sv	B
Location of the user-specific directories
VHostCGIMode On\|Off\|Secure	On	v	X
Determines whether the virtualhost can run +
UserDir directory-filename [directory-filename] ... +		sv	B
Location of the user-specific directories
VHostCGIMode On\|Off\|Secure	On	v	X
Determines whether the virtualhost can run subprocesses, and the privileges available to subprocesses.
VHostPrivs [+-]?`privilege-name` [[+-]?privilege-name] ...		v	X
Assign arbitrary privileges to subprocesses created +
VHostPrivs [+-]?`privilege-name` [[+-]?privilege-name] ...		v	X
Assign arbitrary privileges to subprocesses created by a virtual host.
VHostGroup `unix-groupid`		v	X
Sets the Group ID under which a virtual host runs.
VHostPrivs [+-]?`privilege-name` [[+-]?privilege-name] ...		v	X
Assign arbitrary privileges to a virtual host.
VHostSecure On\|Off	On	v	X
Determines whether the server runs with enhanced security +
VHostGroup `unix-groupid`		v	X
Sets the Group ID under which a virtual host runs.
VHostPrivs [+-]?`privilege-name` [[+-]?privilege-name] ...		v	X
Assign arbitrary privileges to a virtual host.
VHostSecure On\|Off	On	v	X
Determines whether the server runs with enhanced security for the virtualhost.
VHostUser `unix-userid`		v	X
Sets the User ID under which a virtual host runs.
VirtualDocumentRoot interpolated-directory\|none	none	sv	E
Dynamically configure the location of the document root +
VHostUser `unix-userid`		v	X
Sets the User ID under which a virtual host runs.
VirtualDocumentRoot interpolated-directory\|none	none	sv	E
Dynamically configure the location of the document root for a given virtual host
VirtualDocumentRootIP interpolated-directory\|none	none	sv	E
Dynamically configure the location of the document root +
VirtualDocumentRootIP interpolated-directory\|none	none	sv	E
Dynamically configure the location of the document root for a given virtual host
<VirtualHost +
<VirtualHost `addr`[:`port`] [`addr`[:`port`]] - ...> ... </VirtualHost>		s	C
Contains directives that apply only to a specific + ...> ... </VirtualHost>				s	C
Contains directives that apply only to a specific hostname or IP address
VirtualScriptAlias interpolated-directory\|none	none	sv	E
Dynamically configure the location of the CGI directory for +
VirtualScriptAlias interpolated-directory\|none	none	sv	E
Dynamically configure the location of the CGI directory for a given virtual host
VirtualScriptAliasIP interpolated-directory\|none	none	sv	E
Dynamically configure the location of the cgi directory for +
VirtualScriptAliasIP interpolated-directory\|none	none	sv	E
Dynamically configure the location of the cgi directory for a given virtual host
XBitHack on\|off\|full	off	svdh	B
Parse SSI directives in files with the execute bit +
XBitHack on\|off\|full	off	svdh	B
Parse SSI directives in files with the execute bit set

SSLInsecureRenegotiation Directive

Example

SSLOCSPDefaultResponder Directive