#在sites-available文件夹下创建test-ssl.config文件
cd /etc/apache2/sites-available
touch test-ssl.config
复制下述内容到test-ssl.config文件中。
ServerAdmin www.test.com
ServerName www.test.com
DocumentRoot /var/www/test
ErrorLog /var/www/logs/error.log
CustomLog /var/www/logs/access.log
combined
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
SSLCertificateFile /etc/ssl/certs/www.test.com.crt
SSLCertificateKeyFile /etc/ssl/private/www.test.com.key
SSLCertificateChainFile /etc/ssl/certs/root_bundle.crt
如果只是开启HTTP,可以将文件命名为test.config,端口改成80或其他需要的端口,config文件中不需要SSLEngine on以下的设置。