<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin d1.sysadm@gmail.com
ServerName search.dataone.org
ServerAlias HOSTNAME
#Header set Access-Control-Allow-Origin "cn.dataone.org"
SetEnvIf Origin ^(https?://.+\.dataone.org(?::\d{1,5})?)$ CORS_ALLOW_ORIGIN=$1
Header append Access-Control-Allow-Origin %{CORS_ALLOW_ORIGIN}e env=CORS_ALLOW_ORIGIN
Header merge Vary "Origin"
DocumentRoot /var/www/search.dataone.org
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/search.dataone.org-error.log
CustomLog ${APACHE_LOG_DIR}/search.dataone.org-access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCertificateFile /etc/ssl/certs/_.dataone.org.crt
SSLCertificateKeyFile /etc/ssl/private/_.dataone.org.key
SSLCertificateChainFile /etc/ssl/certs/geotrust_intermediate.crt
#SSLCertificateFile /etc/ssl/certs/geotrust_intermediate.crt
SSLProxyEngine on
ProxyRequests Off
ProxyPass "/cn/v1/" "https://cn.dataone.org/cn/v1/"
ProxyPassReverse "/cn/v1/" "https://cn.dataone.org/cn/v1/"
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>
</IfModule>