version 1.9, 2004/05/26 10:17:49
|
version 1.10, 2004/05/27 09:28:38
|
Line 63 PerlSetVar londAllowInsecure {[[[[1]]]]}
|
Line 63 PerlSetVar londAllowInsecure {[[[[1]]]]}
|
# PerlSetVar loncAllowInsecure {[[[[0]]]]} |
# PerlSetVar loncAllowInsecure {[[[[0]]]]} |
PerlSetVar loncAllowInsecure {[[[[1]]]]} |
PerlSetVar loncAllowInsecure {[[[[1]]]]} |
|
|
# |
|
# Secure lond/lonc require ssl certificate and private |
|
# key files to function correctly. The certificate |
|
# files need not be terribly secure, but the private key files |
|
# should be set up so that only www (the lonc/lond effective user) |
|
# can read them. |
|
# |
|
# The definition below is the full path to the directory that |
|
# contains the certificate and key files: |
|
# |
|
PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]} |
|
|
|
# |
|
# Secure lond/lonc require two certificates and a private host key. |
|
# The certificates required are that of the lonCAPA certificate authority |
|
# and the certificate that authority issued to this host. |
|
# lonnetCertificateAuthority is the name of the file that contains the |
|
# lonCAPA certificate authority's certificate. |
|
# lonnetCertificate is the name of the file that contains the certificate |
|
# issued to the host by the certificate authority. |
|
# Both of these variables are names of files assumed to be in |
|
# lonCertificateDirectory: |
|
|
|
PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]} |
|
PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]} |
|
|
|
# |
|
# To generate the request for a certificate, and to negotiate the |
|
# initial ssl connection, the host requires a private key. This key |
|
# is created at lonCAPA install time. Did we mention above that it |
|
# should be set so that only www can read it? The variale below |
|
# is the name of the file relative to lonnetCertificateDirectory |
|
# that has the host's private key. Did we remember to tell you to |
|
# keep the permissions on that file set to rw------- (0600)? |
|
# |
|
|
|
PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]} |
|
|
|
# Did we mention that the file described above must have |
|
# permissions really locked down so that it can't be stolen? |
|
|
|