# The whole SSL configuration in this context applies both to
# the main server and all SSL-enabled virtual hosts.

# We surround the directives with <IfModule> .. </Ifmodule>, so that Apache
# will keep a valid configuration even if mod_ssl is unavailable.
<IfModule mod_ssl.c>
	# These will make apache listen to port 443 in addition to the
	# standard port 80. HTTPS requests use port 443.
	#Listen 80
	Listen 443

	# Some MIME-types for downloading Certificates and CRLs
	AddType application/x-x509-ca-cert .crt
	AddType application/x-pkcs7-crl    .crl

	# Semaphore:
	#   Configure the path to the mutual exclusion semaphore the
	#   SSL engine uses internally for inter-process synchronization.
	SSLMutex file:/var/run/mod_ssl_mutex

	# Inter-Process Session Cache:
	#   Configure the SSL Session Cache: First either `none'
	#   or `dbm:/path/to/file' for the mechanism to use and
	#   second the expiring timeout (in seconds).
	SSLSessionCache         dbm:/var/run/mod_ssl_scache
	SSLSessionCacheTimeout  300
	#SSLSessionCache         none

	# Pseudo Random Number Generator (PRNG):
	#   Configure one or more sources to seed the PRNG of the 
	#   SSL library. The seed data should be of good random quality.
	SSLRandomSeed startup file:/dev/urandom 512
	SSLRandomSeed connect file:/dev/urandom 512

	# Logging:
	#   The home of the dedicated SSL protocol logfile. Errors are
	#   additionally duplicated in the general error log file.  Put
	#   this somewhere where it cannot be used for symlink attacks on
	#   a real server (i.e. somewhere where only root can write).
	#   Log levels are (ascending order: higher ones include lower ones):
	#   none, error, warn, info, trace, debug.
	SSLLog /var/log/apache/ssl_engine.log
	SSLLogLevel info
</IfModule>