LoadModule ssl_module modules/mod_ssl.so

Listen 443

SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

NameVirtualHost *:80
NameVirtualHost *:443


<VirtualHost *:443>

    #Your domain name
    ServerName community.osivia.org:443

    SSLEngine on

    ErrorLog logs/ssl_error_log
    TransferLog logs/ssl_access_log
    LogLevel warn

    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

    SetEnvIf User-Agent ".*MSIE.*" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0

    CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


    #   Server Certificate:
    # Point SSLCertificateFile at a PEM encoded certificate.  If
    # the certificate is encrypted, then you will be prompted for a
    # pass phrase.  Note that a kill -HUP will prompt again.  A new
    # certificate can be generated using the genkey(1) command.
    SSLCertificateFile /etc/ssl/community.crt

    #   Server Private Key:
    #   If the key is not combined with the certificate, use this
    #   directive to point at the key file.  Keep in mind that if
    #   you've both a RSA and a DSA private key you can configure
    #   both in parallel (to also allow the use of DSA ciphers, etc.)
    SSLCertificateKeyFile /etc/ssl/community.key



	ProxyPreserveHost On

	RequestHeader set osivia-virtual-host "https://community.osivia.org"
	RequestHeader set nuxeo-virtual-host "https://community.osivia.org"


	DirectoryIndex /portal

	ProxyPass /cas http://localhost:8079/cas
	ProxyPassReverse /cas  http://localhost:8079/cas


</VirtualHost>


<VirtualHost  *:80>
    ServerName community.osivia.org

    RewriteEngine on
    RewriteRule ^/(.*) https://tnr.osivia.vm [L,R=301]
</VirtualHost>