Hello! 2016-03-04 9:30 GMT+01:00 Daniel <dferra...@gmail.com>:
> Files where directives are defined do not matter at all, what matters is > the "Context" in which they are placed, that is server config, virtualhost, > directory, etc, If you look at the official docs all directives have a > specific context in which they can be used. > Adding some details about what Daniel was referring to: http://httpd.apache.org/docs/2.4/sections.html > On Thu, Mar 3, 2016 at 5:31 PM, schnappiwol...@yahoo.com.INVALID < >> schnappiwol...@yahoo.com.invalid> wrote: >>> >>> >>> Apache options like "SSLProtocol", "SSLCipherSuite", and >>> "HonorCipherOrder" among others can be put in both >>> /etc/apache2/apache2.conf (Debian based) or >>> etc/apache2/mods-available/ssl.conf (or even the virtual host configuration >>> file). >>> >>> Which location should these server wide SSL settings be >>> optimally/conventionally placed (ssl.conf or apache2.conf)? Furthermore and >>> more importantly if the settings conflict in these two files/ locations >>> which setting/file takes precedence? >>> >>> My personal view: I would place them only where they are needed (i.e. if you have only one Virtual host listening on port 443 with all the SSL directives in there). For the precedence question, please check the above link! Hope that makes sense! Luca
