Corporation Server User Manual

Security Services Implemented Within Oracle HTTP Server

8-18 Oracle HTTP Server Administrator’s Guide

SSLEngine Toggles the usage of the SSL Protocol Engine. This is usually used

inside a <VirtualHost> section to enable SSL for a particular virtual host. By

default, the SSL Protocol Engine is disabled for both the main server and all

conﬁgured virtual hosts.

Example 8–8 Using SSL Engine Directive

<VirtualHost_dafault_:4443>

SSLEngine on

...

</VirtualHost>

SSLLog Speciﬁes where the SSL engine log ﬁle will be written. (Error messages

will also be duplicated to the standard Oracle HTTP Server log ﬁle speciﬁed by the

ErrorLog directive.)

Place this ﬁle at a location where only root can write, so that it cannot be used for

symlink attacks. If the ﬁlename does not begin with a slash (/), it is assumed to be

relative to the ServerRoot. If the ﬁlename begins with a bar (|), then the string

following the bar is expected to be a path to an executable program to which a

reliable pipe can be established.

This directive should occur only once for each virtual server conﬁguration.

Category Value

Syntax SSLEngine on|off

Default SSLEngine off

Context server conﬁguration, virtual host

Category Value

Syntax SSLVerifyClient path/to/filename

Default None

Context server conﬁguration, virtual host