- SSLCertificateFile $cert_dir/fullchain.pem
- SSLCertificateKeyFile $cert_dir/privkey.pem
- Include $common_ssl_conf
- # From cerbot generated config example, taken 4/2017,
- # should be rechecked once a year or so.
- Header always set Strict-Transport-Security "max-age=31536000"
- SSLUseStapling on
- Header always set Content-Security-Policy upgrade-insecure-requests
-EOF
-
- cat >/etc/apache2/conf-enabled/local-custom.conf <<'EOF'
-# vhost_combined with %D (request time in microseconds)
-# this file is just a convenient place to drop it.
-LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\" %D" vhost_time_combined
-SSLStaplingCache shmcb:/var/run/apache2/stapling_cache(128000)
+SSLCertificateFile $cert_dir/fullchain.pem
+SSLCertificateKeyFile $cert_dir/privkey.pem
+Include $common_ssl_conf
+# From cerbot generated config example, taken 4/2017,
+# should be rechecked once a year or so.
+Header always set Strict-Transport-Security "max-age=31536000"
+SSLUseStapling on
+Header always set Content-Security-Policy upgrade-insecure-requests