+++ /dev/null
-# sslproxy configuration file.
-# /etc/l7vs/sslproxy/sslproxy.<target_id>.cf
-
-[sslproxy]
-# Global configuration.
-recv_endpoint = "10.144.169.70:44444"
-target_endpoint = "10.144.169.70:22222"
-num_thread = 10
-timeout_sec = 30
-
-# SSL configuration.
-ca_dir = "/etc/l7vs/sslproxy/"
-ca_file = "root.pem"
-cert_chain_dir = "/etc/l7vs/sslproxy/"
-cert_chain_file = "server.pem"
-private_key_dir = "/etc/l7vs/sslproxy/"
-private_key_file = "server.pem"
-private_key_filetype = "SSL_FILETYPE_PEM"
-#private_key_filetype = "SSL_FILETYPE_ASN1"
-#private_key_passwd_from = "console"
-private_key_passwd_from = "file"
-private_key_passwd_dir = "/etc/l7vs/sslproxy/"
-private_key_passwd_file = "passwd.txt"
-verify_options = "SSL_VERIFY_NONE"
-verify_options = "SSL_VERIFY_PEER"
-verify_options = "SSL_VERIFY_FAIL_IF_NO_PEER_CERT"
-#verify_options = "SSL_VERIFY_CLIENT_ONCE"
-verify_cert_depth = 9
-#ssl_options = "SSL_OP_MICROSOFT_SESS_ID_BUG"
-#ssl_options = "SSL_OP_NETSCAPE_CHALLENGE_BUG"
-#ssl_options = "SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG"
-#ssl_options = "SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG"
-#ssl_options = "SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER"
-#ssl_options = "SSL_OP_MSIE_SSLV2_RSA_PADDING"
-#ssl_options = "SSL_OP_SSLEAY_080_CLIENT_DH_BUG"
-#ssl_options = "SSL_OP_TLS_D5_BUG"
-#ssl_options = "SSL_OP_TLS_BLOCK_PADDING_BUG"
-#ssl_options = "SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS"
-ssl_options = "SSL_OP_ALL"
-#ssl_options = "SSL_OP_NO_QUERY_MTU"
-#ssl_options = "SSL_OP_COOKIE_EXCHANGE"
-#ssl_options = "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION"
-#ssl_options = "SSL_OP_SINGLE_ECDH_USE"
-ssl_options = "SSL_OP_SINGLE_DH_USE"
-#ssl_options = "SSL_OP_EPHEMERAL_RSA"
-#ssl_options = "SSL_OP_CIPHER_SERVER_PREFERENCE"
-#ssl_options = "SSL_OP_TLS_ROLLBACK_BUG"
-ssl_options = "SSL_OP_NO_SSLv2"
-#ssl_options = "SSL_OP_NO_SSLv3"
-#ssl_options = "SSL_OP_NO_TLSv1"
-#ssl_options = "SSL_OP_PKCS1_CHECK_1"
-#ssl_options = "SSL_OP_PKCS1_CHECK_2"
-#ssl_options = "SSL_OP_NETSCAPE_CA_DN_BUG"
-#ssl_options = "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG"
-tmp_dh_dir = "/etc/l7vs/sslproxy/"
-tmp_dh_file = "dh512.pem"
-cipher_list = "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
-
-# SSL session cache configuration.
-session_cache = "on"
-session_cache_size = 20480
-session_cache_timeout = 300
-
-[logger]
-## SSLProxy log configuration.
-# sslproxy logfile base name
-sslproxy_log_filename = "/var/log/l7vs/sslproxy/sslproxy.target_2.log"
-
-# sslproxy log rotate pattern
-sslproxy_rotation = "size"
-#sslproxy_rotation = "date"
-#sslproxy_rotation = "datesize"
-
-# sslproxy rotate max backup number
-sslproxy_max_backup_index = "10"
-
-# sslproxy rotate file size
-sslproxy_max_filesize = "10M"
-
-# sslproxy rotation timing
-#sslproxy_rotation_timing = "month"
-#sslproxy_rotation_timing_value = "1 0:01"
-
-## Connection log configuration.
-# connection log ON/OFF
-conn_log_flag = "on"
-
-# connection logfile base name
-conn_log_filename = "/var/log/l7vs/sslproxy/sslproxy.target_2.conn_log"
-
-# connection log rotate pattern
-#conn_rotation = "size"
-conn_rotation = "date"
-#conn_rotation = "datesize"
-
-# connection rotate max backup number
-conn_max_backup_index = "10"
-
-# connection rotate file size
-#conn_max_filesize = "10M"
-
-# sslproxy rotation timing
-conn_rotation_timing = "month"
-conn_rotation_timing_value = "1 0:01"
-
-# Log categories level
-sslproxy_logger = "warn"
-sslproxy_parameter = "warn"
-sslproxy_common = "warn"
-sslproxy_server = "warn"
-sslproxy_session = "warn"
-sslproxy_connection = "info"
-
OSDN Git Service
