How to get an SSL A+ rating with Apache

If you need a high rating with tests like https://www.ssllabs.com then i have an example on a working configuration that will get you the A+ score.

I’m using letsencrypt for my SSL site but you can use any certificate to get the result.

<VirtualHost *:80>
ServerName www.pvangsgaard.com
ServerAlias pvangsgaard.com
Redirect / https://www.pvangsgaard.com/
ErrorLog /var/log/apache2/pvangsgaard.com.error.log
CustomLog /var/log/apache2/pvangsgaard.com.access.log combined
</VirtualHost>
<VirtualHost *:443>
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
ServerName www.pvangsgaard.com
ServerAlias pvangsgaard.com
DocumentRoot /home/pva/public_html/pvangsgaard.com
ErrorLog /var/log/apache2/pvangsgaard.com.error.log
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLEngine on
SSLCipherSuite EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:!aNULL:!eNULL:!EXP:!LOW:!MD5
SSLHonorCipherOrder on
SSLCertificateFile    /etc/letsencrypt/live/pvangsgaard.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/pvangsgaard.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/pvangsgaard.com/fullchain.pem
</VirtualHost>

Remember to enable headers with:

a2enmod headers
systemctl restart apache

I have also made an example for NGINX at this url https://www.pvangsgaard.com/2018/02/22/how-to-get-an-a-rating-with-100-score-on-the-ssllabs-test-with-nginx/