The days of deploying the default, example httpd.conf to enable mod_ssl are long gone. Smart organizations and business have changed their cipher suite, added ECDHE keys and stronger RSA keys to now default to forward secrecy operation. They have shifted from SSL session caches to session tickets to further attain perfect forward secrecy. And they are rolling out OCSP stapling services, they are dropping the SSLv3 Protocol and they are adopting TLS virtual hosting to solidify their deployments. Learn the out of the box httpd mod_ssl facilities, and how to harden and enhance your web server deployments.
