全国统一客服热线:4006-888-308   欢迎来广深互联  [登录]  [注册]  [找密]
本站快讯: 领取优惠码购买产品 | 淘宝自助提货开通产品 | 购物车合计 0 件商品 | 立即去结算

[广深互联技术分享]apache mod_ssl的参数解释

作者: admin 日期: 2015-10-23 18:05:33 人气: - 评论: 0

This forces anunclean shutdown when the connection is closed, i.e. no

SSL close notifyalert is send or allowed to received. This violates

the SSL/TLS standardbut is needed for some brain-dead browsers. Use

this when youreceive I/O errors because of the standard approach where

mod_ssl sends theclose notify alert.

downgrade-1.0force-response-1.0

理解为当客户端满足条件force-response-1.0的时候downgrade-1.0

当客户端用的是HTTP/1.0运作的时候,不能够用HTTP/1.1运作的时候,downgrade-1.0 是降低HTTP版本的操作。这个是为了保证SSl协议功能的可靠的实现。

参考资料有:

# Notice: Most problemsof broken clients are also related to the HTTP

# keep-alivefacility, so you usually additionally want to disable

# keep-alive forthose clients, too. Use variable "nokeepalive" for this.

# Similarly, one hasto force some clients to use HTTP/1.0 to workaround

# their brokenHTTP/1.1 implementation. Use variables "downgrade-1.0" and

#"force-response-1.0" for this.

SSLCipherSuiteALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

这个可以理解为ssl支持的加密协议。具体可以浏览:http://blogold.chinaunix.net/u/12066/showart_491943.html

<FilesMatch".(cgi|shtml|phtml|php)$">

SSLOptions+StdEnvVars

</FilesMatch>

<Directory"/usr/local/apache2/cgi-bin">

SSLOptions+StdEnvVars

</Directory>

StdEnvVars 表示建立一个标准的ssl环境。

出自:广深互联(www.99idc.cn)为您提供专业的服务器租用,服务器托管技术支持

Copyright © 2012-2014 深圳网站建设_深圳网站设计_深圳网页设计公司 Inc. 保留所有权利。 Powered by TWCMS 2.0.3

页面耗时0.0674秒, 内存占用1.41 MB, 访问数据库16次

深圳广深互联云计算有限公司 版权所有 Copyright @ 1999-2015 增值电信业务许可证:粤B2-20050227号 公安备案号:4403201410163