Certificates, Protocols and Options
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/cert.pem
SSLCACertificateFile /etc/apache2/ssl/ca-certs.pem
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on # Ciphers specified by the server take precedence
# Optional, defaults to off
SSLInsecureRenegotiation off # Mitigates CVE-2009-3555
SSLCompression off # Mitigates CRIME and ...