Return-Path: X-Original-To: apmail-httpd-cvs-archive@www.apache.org Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 22FADC0E4 for ; Fri, 4 May 2012 15:48:21 +0000 (UTC) Received: (qmail 89466 invoked by uid 500); 4 May 2012 15:48:20 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 89401 invoked by uid 500); 4 May 2012 15:48:20 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 89393 invoked by uid 99); 4 May 2012 15:48:20 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 May 2012 15:48:20 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 04 May 2012 15:47:23 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 85E1A2388C6C; Fri, 4 May 2012 15:46:32 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1334039 [14/23] - in /httpd/httpd/branches/2.4.x/docs/manual: ./ developer/ howto/ misc/ mod/ platform/ programs/ rewrite/ ssl/ vhosts/ Date: Fri, 04 May 2012 15:45:38 -0000 To: cvs@httpd.apache.org From: humbedooh@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120504154632.85E1A2388C6C@eris.apache.org> Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.en URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.en?rev=1334039&r1=1334038&r2=1334039&view=diff ============================================================================== --- httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.en (original) +++ httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.en Fri May 4 15:45:05 2012 @@ -597,7 +597,7 @@ simultaneously MetaDir directory .web svdhEName of the directory to find CERN-style meta information files MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containg CERN-style +MetaSuffix suffix .meta svdhEFile name suffix for the file containing CERN-style meta information MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file @@ -662,348 +662,350 @@ and scripting events. ProxyHTMLInterp On|OffsvdBEnables per-request interpolation of ProxyHTMLURLMap rules. ProxyHTMLLinks element attribute [attribute2 ...]svdBSpecify HTML elements that have URL attributes to be rewritten. -ProxyHTMLStripComments On|OffsvdBDetermines whether to strip HTML comments. -ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links -ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer -<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched +ProxyHTMLMeta On|OffsvdBTurns on or off extra pre-parsing of metadata in HTML +<head> sections. +ProxyHTMLStripComments On|OffsvdBDetermines whether to strip HTML comments. +ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdBDefines a rule to rewrite HTML links +ProxyIOBufferSize bytes 8192 svEDetermine size of internal data throughput buffer +<ProxyMatch regex> ...</ProxyMatch>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number -1 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|url [key=value - [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space -ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations -ProxyPassMatch [regex] !|url [key=value - [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions -ProxyPassReverse [path] url -[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse +ProxyPass [path] !|url [key=value + [key=value ...]] [nocanon] [interpolate] [noquery]svdEMaps remote servers into the local server URL-space +ProxyPassInterpolateEnv On|Off Off svdEEnable Environment Variable interpolation in Reverse Proxy configurations +ProxyPassMatch [regex] !|url [key=value + [key=value ...]]svdEMaps remote servers into the local server URL-space using regular expressions +ProxyPassReverse [path] url +[interpolate]svdEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPassReverseCookieDomain internal-domain -public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- +ProxyPassReverseCookieDomain internal-domain +public-domain [interpolate]svdEAdjusts the Domain string in Set-Cookie headers from a reverse- proxied server -ProxyPassReverseCookiePath internal-path -public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- +ProxyPassReverseCookiePath internal-path +public-path [interpolate]svdEAdjusts the Path string in Set-Cookie headers from a reverse- proxied server -ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy +ProxyPreserveHost On|Off Off svdEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP +ProxyReceiveBufferSize bytes 0 svENetwork buffer size for proxied HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemoteMatch regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests On|Off Off svEEnables forward (standard) proxy requests -ProxySCGIInternalRedirect On|Off On svdEEnable or disable internal redirect responses from the +ProxyRequests On|Off Off svEEnables forward (standard) proxy requests +ProxySCGIInternalRedirect On|Off On svdEEnable or disable internal redirect responses from the backend -ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response +ProxySCGISendfile On|Off|Headername Off svdEEnable evaluation of X-Sendfile pseudo response header -ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters -ProxySourceAddress addresssvESet local IP address for outgoing proxy connections -ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status -ProxyTimeout secondssvENetwork timeout for proxied requests -ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response +ProxySet url key=value [key=value ...]dESet various Proxy balancer or member parameters +ProxySourceAddress addresssvESet local IP address for outgoing proxy connections +ProxyStatus Off|On|Full Off svEShow Proxy LoadBalancer status in mod_status +ProxyTimeout secondssvENetwork timeout for proxied requests +ProxyVia On|Off|Full|Block Off svEInformation provided in the Via HTTP response header for proxied requests -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -ReceiveBufferSize bytes 0 sMTCP receive buffer size -Redirect [status] URL-path -URLsvdhBSends an external redirect asking the client to fetch +ReceiveBufferSize bytes 0 sMTCP receive buffer size +Redirect [status] URL-path +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers -RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses -RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses -RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +ReflectorHeader inputheader [outputheader]svdhBReflect an input header to the output headers +RemoteIPHeader header-fieldsvBDeclare the header field which should be parsed for useragent IP addresses +RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPInternalProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPProxiesHeader HeaderFieldNamesvBDeclare the header field which will record all intermediate IP addresses +RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoteIPTrustedProxyList filenamesvBDeclare client intranet IP addresses trusted to present the RemoteIPHeader value +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader add|append|edit|edit*|merge|set|unset header -[value] [replacement] [early|env=[!]variable]svdhEConfigure HTTP request headers -RequestReadTimeout +RequestHeader add|append|edit|edit*|merge|set|unset header +[value] [replacement] [early|env=[!]variable]svdhEConfigure HTTP request headers +RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] -svESet timeout values for receiving request headers and body from client. +svESet timeout values for receiving request headers and body from client. -Require [not] entity-name - [entity-name] ...dhBTests whether an authenticated user is authorized by +Require [not] entity-name + [entity-name] ...dhBTests whether an authenticated user is authorized by an authorization provider. -<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none +<RequireAll> ... </RequireAll>dhBEnclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. -<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one +<RequireAny> ... </RequireAny>dhBEnclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. -<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none +<RequireNone> ... </RequireNone>dhBEnclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteMap MapName MapType:MapSource -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern Substitution [flags]svdhEDefines rules for the rewriting engine -RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern Substitution [flags]svdhEDefines rules for the rewriting engine +RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched by Apache httpd children -RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched +RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched by Apache httpd children -RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by +RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by processes launched by Apache httpd children -Satisfy Any|All All dhEInteraction between host-level access control and +Satisfy Any|All All dhEInteraction between host-level access control and user authentication -ScoreBoardFile file-path logs/apache_status sMLocation of the file used to store coordination data for +ScoreBoardFile file-path logs/apache_status sMLocation of the file used to store coordination data for the child processes -Script method cgi-scriptsvdBActivates a CGI script for a particular request +Script method cgi-scriptsvdBActivates a CGI script for a particular request method. -ScriptAlias URL-path -file-path|directory-pathsvBMaps a URL to a filesystem location and designates the +ScriptAlias URL-path +file-path|directory-pathsvBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI scripts -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path logs/cgisock sBThe filename prefix of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path logs/cgisock sBThe filename prefix of the socket to use for communication with the cgi daemon -SecureListen [IP-address:]portnumber -Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port -SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters +SecureListen [IP-address:]portnumber +Certificate-Name [MUTUAL]sBEnables SSL encryption for the specified port +SeeRequestTail On|Off Off sCDetermine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. -SendBufferSize bytes 0 sMTCP buffer size -ServerAdmin email-address|URLsvCEmail address that the server includes in error +SendBufferSize bytes 0 sMTCP buffer size +ServerAdmin email-address|URLsvCEmail address that the server includes in error messages sent to the client -ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests +ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests to name-virtual hosts -ServerLimit numbersMUpper limit on configurable number of processes -ServerName [scheme://]fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify +ServerLimit numbersMUpper limit on configurable number of processes +ServerName [scheme://]fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify itself -ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that +ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that is accessed by an incompatible browser -ServerRoot directory-path /usr/local/apache sCBase directory for the server installation -ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response +ServerRoot directory-path /usr/local/apache sCBase directory for the server installation +ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response header -Session On|Off Off svdhEEnables a session for the current directory or location -SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session -SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session -SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers -SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session -SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session -SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session -SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session -SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID -SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID -SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers -SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database -SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database -SessionDBDPerUser On|Off Off svdhEEnable a per user session -SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database -SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database -SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the +Session On|Off Off svdhEEnables a session for the current directory or location +SessionCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session +SessionCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session +SessionCookieRemove On|Off Off svdhEControl for whether session cookies should be removed from incoming HTTP headers +SessionCryptoCipher namesvdhXThe crypto cipher to be used to encrypt the session +SessionCryptoDriver name [param[=value]]sXThe crypto driver to be used to encrypt the session +SessionCryptoPassphrase secret [ secret ... ] svdhXThe key used to encrypt the session +SessionCryptoPassphraseFile filenamesvdXFile containing keys used to encrypt the session +SessionDBDCookieName name attributessvdhEName and attributes for the RFC2109 cookie storing the session ID +SessionDBDCookieName2 name attributessvdhEName and attributes for the RFC2965 cookie storing the session ID +SessionDBDCookieRemove On|Off On svdhEControl for whether session ID cookies should be removed from incoming HTTP headers +SessionDBDDeleteLabel label deletesession svdhEThe SQL query to use to remove sessions from the database +SessionDBDInsertLabel label insertsession svdhEThe SQL query to use to insert sessions into the database +SessionDBDPerUser On|Off Off svdhEEnable a per user session +SessionDBDSelectLabel label selectsession svdhEThe SQL query to use to select sessions from the database +SessionDBDUpdateLabel label updatesession svdhEThe SQL query to use to update existing sessions in the database +SessionEnv On|Off Off svdhEControl whether the contents of the session are written to the HTTP_SESSION environment variable -SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored -SessionHeader headersvdhEImport session updates from a given HTTP response header -SessionInclude pathsvdhEDefine URL prefixes for which a session is valid -SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session -SetEnv env-variable valuesvdhBSets environment variables -SetEnvIf attribute +SessionExclude pathsvdhEDefine URL prefixes for which a session is ignored +SessionHeader headersvdhEImport session updates from a given HTTP response header +SessionInclude pathsvdhEDefine URL prefixes for which a session is valid +SessionMaxAge maxage 0 svdhEDefine a maximum age in seconds for a session +SetEnv env-variable valuesvdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfExpr expr +SetEnvIfExpr expr [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression -SetEnvIfNoCase attribute regex + [[!]env-variable[=value]] ...svdhBSets environment variables based on an ap_expr expression +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler handler-name|NonesvdhCForces all matching files to be processed by a +SetHandler handler-name|NonesvdhCForces all matching files to be processed by a handler -SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST +SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST input -SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the +SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the server -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIETag on|off off dhBControls whether ETags are generated by the server. -SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the +SSIETag on|off off dhBControls whether ETags are generated by the server. +SSILastModified on|off off dhBControls whether Last-Modified headers are generated by the server. -SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. -SSIStartTag tag "<!--#" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSILegacyExprParser on|off off dhBEnable compatibility mode for conditional expressions. +SSIStartTag tag "<!--#" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svdhBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLCADNRequestFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for defining acceptable CA names -SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCADNRequestPath directory-pathsvEDirectory of PEM-encoded CA Certificates for defining acceptable CA names -SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 Certificate file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded Private Key file -SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 Certificate file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded Private Key file +SSLCipherSuite cipher-spec DEFAULT (depends on +svdhECipher Suite available for negotiation in SSL handshake -SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator -SSLEngine on|off|optional off svESSL Engine Operation Switch -SSLFIPS on|off off sESSL FIPS mode Switch -SSLHonorCipherOrder flagsvEOption to prefer the server's cipher preference order -SSLInsecureRenegotiation flag off svEOption to enable support for insecure renegotiation -SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation -SSLOCSPEnable flagsvEEnable OCSP validation of the client certificate chain -SSLOCSPOverrideResponder flagsvEForce use of the default responder URI for OCSP validation -SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries -SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses -SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLCryptoDevice engine builtin sEEnable use of a cryptographic hardware accelerator +SSLEngine on|off|optional off svESSL Engine Operation Switch +SSLFIPS on|off off sESSL FIPS mode Switch +SSLHonorCipherOrder flagsvEOption to prefer the server's cipher preference order +SSLInsecureRenegotiation flag off svEOption to enable support for insecure renegotiation +SSLOCSDefaultResponder urisvESet the default responder URI for OCSP validation +SSLOCSPEnable flagsvEEnable OCSP validation of the client certificate chain +SSLOCSPOverrideResponder flagsvEForce use of the default responder URI for OCSP validation +SSLOCSPResponderTimeout seconds 10 svETimeout for OCSP queries +SSLOCSPResponseMaxAge seconds -1 svEMaximum allowable age for OCSP responses +SSLOCSPResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP response validation +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all svEConfigure usable SSL/TLS protocol versions -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all svEConfigure usable SSL/TLS protocol versions +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationCheck chain|leaf|none none svEEnable CRL-based revocation checking for Remote Server Auth +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificates CN field +SSLProxyCheckPeerCN on|off on svEWhether to check the remote server certificates CN field -SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired +SSLProxyCheckPeerExpire on|off on svEWhether to check if remote server certificate is expired -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy -SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svEType of remote server Certificate verification -SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateChainFile filenamesEFile of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded client certificates and keys to be used by the proxy +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded client certificates and keys to be used by the proxy +SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svEType of remote server Certificate verification +SSLProxyVerifyDepth number 1 svEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRenegBufferSize bytes 131072 dhESet the size for the SSL renegotiation buffer +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets -SSLStaplingCache typesEConfigures the OCSP stapling cache -SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache -SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries -SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension -SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries -SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses -SSLStaplingResponseTimeSkew seconds 300 svEMaximum allowable time skew for OCSP stapling response validation -SSLStaplingReturnResponderErrors on|off on svEPass stapling related OCSP errors on to client -SSLStaplingStandardCacheTimeout seconds 3600 svENumber of seconds before expiring responses in the OCSP stapling cache -SSLStrictSNIVHostCheck on|off off svEWhether to allow non-SNI clients to access a name-based virtual +SSLSessionTicketKeyFile file-pathsvEPersistent encryption/decryption key for TLS session tickets +SSLStaplingCache typesEConfigures the OCSP stapling cache +SSLStaplingErrorCacheTimeout seconds 600 svENumber of seconds before expiring invalid responses in the OCSP stapling cache +SSLStaplingFakeTryLater on|off on svESynthesize "tryLater" responses for failed OCSP stapling queries +SSLStaplingForceURL urisvEOverride the OCSP responder URI specified in the certificate's AIA extension +SSLStaplingResponderTimeout seconds 10 svETimeout for OCSP stapling queries +SSLStaplingResponseMaxAge seconds -1 svEMaximum allowable age for OCSP stapling responses [... 109 lines stripped ...]