apache 2.0 ssl configuration

on 26.05.2007 08:11:02 by dave

Hello,
I'm running Apache 2.0.59 on FreeBSD. Running httpd is working fine, now
I want to add an SSL area, also webmail. I've got the below ssl.conf file,
without comments, and am wondering if there's something else I should add?
I'm thinking I don't want any insecure protocols and want to have the
maximum protection encryption-wise from SSL.
Any suggestions welcome.
Dave.


SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

Listen xxx.xxx.xxx.xxx:443
# (also have this line in httpd.conf)
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex

DocumentRoot "/usr/local/www/data/ssldocs"
ServerName www.example.com:443
ServerAdmin webmaster@example.com
ErrorLog /var/log/httpd-error.log
TransferLog /var/log/httpd-access.log
SSLEngine on
SSLProtocol All -SSLv2
SSLCipherSuite ALL:!EXP:!NULL:!ADH:!LOW
# I definitely need suggestions on the above two lines, I want only the most
# secure protocols to be served or allowed.
SSLCertificateFile /usr/local/etc/apache2/ssl/server.crt
SSLCertificateKeyFile /usr/local/etc/apache2/ssl/server.key

SSLOptions +StdEnvVars


SSLOptions +StdEnvVars

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog /var/log/httpd-ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
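
Added example (not part of the original post and not Apache's own tooling): a small Python audit that resolves the `SSLProtocol` tokens from the posted config into the protocol set they enable, and lists weak cipher classes that the `SSLCipherSuite` string never excludes with `!`. The sample text, the class checklist and the function names are assumptions made for this example, as is the rule that a bare protocol name replaces the set.

```python
import re

# Protocol names accepted by mod_ssl's SSLProtocol in Apache 2.0
ALL_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1"}
# Checklist of OpenSSL cipher classes (assumption chosen for this example)
WEAK_CLASSES = ["EXP", "NULL", "ADH", "LOW", "MEDIUM"]

# Constructed sample: the two directives in question, copied from the post
SAMPLE = """\
SSLEngine on
SSLProtocol All -SSLv2
SSLCipherSuite ALL:!EXP:!NULL:!ADH:!LOW
"""

def directive(conf, name):
    """Return the arguments of the last uncommented `name` line, or ''."""
    hits = re.findall(rf"^\s*{name}\s+(.+?)\s*$", conf, re.M | re.I)
    return hits[-1] if hits else ""

def resolve_protocols(value):
    """Apply +name / -name / bare-name tokens left to right."""
    canon = {p.lower(): p for p in ALL_PROTOCOLS}
    enabled = set()
    for tok in value.split():
        action = tok[0] if tok[0] in "+-" else ""
        name = tok.lstrip("+-").lower()
        if name != "all" and name not in canon:
            raise ValueError(f"unknown protocol token: {tok}")
        chosen = set(ALL_PROTOCOLS) if name == "all" else {canon[name]}
        if action == "-":
            enabled -= chosen
        elif action == "+":
            enabled |= chosen
        else:
            enabled = chosen  # assumption: a bare name replaces the set
    return enabled

def unexcluded_classes(value):
    """Textual check: weak classes that have no '!CLASS' token."""
    banned = {t[1:].upper() for t in re.split(r"[:, ]+", value)
              if t.startswith("!")}
    return [c for c in WEAK_CLASSES if c not in banned]

def audit(conf):
    return {
        "protocols": sorted(resolve_protocols(directive(conf, "SSLProtocol"))),
        "not_excluded": unexcluded_classes(directive(conf, "SSLCipherSuite")),
    }

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The cipher check only looks at the tokens in the string; running `openssl ciphers -v` with the same string shows what the installed OpenSSL actually expands it to.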