laurent
/
ansible-certbot


			
				
					
						
						
							1234567891011121314151617181920212223
							<VirtualHost *:443>

				<IfModule mod_headers.c>
								Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
								Header always set X-Frame-Options DENY
								Header always set X-Content-Type-Options nosniff
				</IfModule>

				DocumentRoot /var/www/renewal
				ServerName www.hory.me

				SSLEngine on
				SSLProtocol All -SSLv2 -SSLv3 -TLSv1
				SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA
				SSLHonorCipherOrder On
				SSLCompression off

				SSLCertificateFile /etc/letsencrypt/live/www.hory.me/fullchain.pem
				SSLCertificateKeyFile /etc/letsencrypt/live/www.hory.me/privkey.pem
				SSLCertificateChainFile /etc/letsencrypt/live/www.hory.me/chain.pem
				SSLCACertificateFile /etc/letsencrypt/live/www.hory.me/cert.pem

</VirtualHost>