Listen 0.0.0.0:443

SSLEngine on
SSLOptions +StrictRequire

<Directory />
    SSLRequireSSL
    </Directory>

    SSLProtocol -all +TLSv1 +SSLv3
    SSLCipherSuite HIGH:MEDIUM:!aNULL:!eNULL:+SHA1:!MD5:!CAMELLIA:!RC4:!ECDH:+HIGH:+MEDIUM

    SSLMutex file:/usr/local/apache2/logs/ssl_mutex

    SSLRandomSeed startup file:/dev/urandom 1024
    SSLRandomSeed connect file:/dev/urandom 1024

    SSLSessionCache shm:/usr/local/apache2/logs/ssl_cache_shm
    SSLSessionCacheTimeout 600

    SSLPassPhraseDialog builtin
    SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key

    SSLVerifyClient none
    SSLProxyEngine off

    <IfModule mime.c>
        AddType application/x-x509-ca-cert      .crt
	    AddType application/x-pkcs7-crl         .crl
	    </IfModule>

	    SetEnvIf User-Agent ".*MSIE.*" \  
	      nokeepalive ssl-unclean-shutdown \  
	        downgrade-1.0 force-response-1.0