Defining default Apache settings for virtual servers

I could have sworn there was a way to do this in one place, so you don’t need to manually do this in each virtual server.

I want to set up my server to only have TLSv1.3 and post-quantum ciphers. I made the set of changes that should enable that, but as I create a virtual server: those changes were ignored and just used the old standard anyway.

The changes were mostly adding lines like this: (as well as a mess of other changes to OpenSSL and so on)

# Configure key exchange and key encapsulation mechanisms
 SSLOpenSSLConfCmd Curves X25519MLKEM768:X448:X25519:prime256v1

Do I have to make those on each individual server or is there a master that I can use to edit the block that’s added to the Apache conf file.

EDIT: Before anyone comes at me, the packages were updated.

Server Templates do this for newly created Virtual Servers, but not for existing ones (generally speaking), as it would be dangerous to muck about in existing VirtualHost configurations.

You can often make the changes you want to Server Templates, disable the feature in the domain(s) you want to get updated, and then re-enable the feature to regenerate the configuration. But, I’m not sure that works for Apache VirtualHosts…you probably want to try it on a test virtual server or dev system first. And, also be aware that if it does work, any customizations you’ve done to those individual VirtualHosts will be removed (and if it doesn’t work, it’d leave it alone and not make the changes you want). It might not even be possible to disable the Apache Website feature, I don’t remember.

Where would I make this change in Server Templates?

Found it:
Server Templates → Website for domain → “Extra directives for Apache SSL Websites”