version 1.7, 2003/02/03 18:03:52
|
version 1.9, 2004/05/26 10:17:49
|
Line 28 PerlSetVar lonDefDomain {[[[[lonDe
|
Line 28 PerlSetVar lonDefDomain {[[[[lonDe
|
|
|
PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]} |
PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]} |
|
|
|
# User Load Limit ( 100% loadavg ) |
|
|
|
PerlSetVar lonUserLoadLim {[[[[lonUserLoadLim]]]]} |
|
|
# Expiration for local copies and tokens in seconds |
# Expiration for local copies and tokens in seconds |
|
|
PerlSetVar lonExpire {[[[[lonExpire]]]]} |
PerlSetVar lonExpire {[[[[lonExpire]]]]} |
Line 35 PerlSetVar lonExpire {[[[[lonEx
|
Line 39 PerlSetVar lonExpire {[[[[lonEx
|
# Key to issue receipts |
# Key to issue receipts |
|
|
PerlSetVar lonReceipt {[[[[lonReceipt]]]]} |
PerlSetVar lonReceipt {[[[[lonReceipt]]]]} |
|
|
|
# |
|
# The variables below control the behavior of secure lond: |
|
# |
|
# |
|
|
|
# londAllowInsecure allows lond to fall back to insecure connections |
|
# in the event its peer is not yet updated to secure lonc. |
|
# If you are certain all the systems you are communicating with |
|
# are using secure lonc, uncomment the first definition and |
|
# comment the second. |
|
|
|
# PerlSetVar londAllowInsecure {[[[[0]]]]} |
|
PerlSetVar londAllowInsecure {[[[[1]]]]} |
|
|
|
# loncAllowInsecure allows lonc to fall back to negotiating an insecure |
|
# connection with lond in the event the peer is not yet a secure lond. |
|
# If you are certain that all systems you are communicating with |
|
# are using secure lond, uncomment the next line and comment the |
|
# second: |
|
|
|
# PerlSetVar loncAllowInsecure {[[[[0]]]]} |
|
PerlSetVar loncAllowInsecure {[[[[1]]]]} |
|
|
|
# |
|
# Secure lond/lonc require ssl certificate and private |
|
# key files to function correctly. The certificate |
|
# files need not be terribly secure, but the private key files |
|
# should be set up so that only www (the lonc/lond effective user) |
|
# can read them. |
|
# |
|
# The definition below is the full path to the directory that |
|
# contains the certificate and key files: |
|
# |
|
PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]} |
|
|
|
# |
|
# Secure lond/lonc require two certificates and a private host key. |
|
# The certificates required are that of the lonCAPA certificate authority |
|
# and the certificate that authority issued to this host. |
|
# lonnetCertificateAuthority is the name of the file that contains the |
|
# lonCAPA certificate authority's certificate. |
|
# lonnetCertificate is the name of the file that contains the certificate |
|
# issued to the host by the certificate authority. |
|
# Both of these variables are names of files assumed to be in |
|
# lonCertificateDirectory: |
|
|
|
PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]} |
|
PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]} |
|
|
|
# |
|
# To generate the request for a certificate, and to negotiate the |
|
# initial ssl connection, the host requires a private key. This key |
|
# is created at lonCAPA install time. Did we mention above that it |
|
# should be set so that only www can read it? The variale below |
|
# is the name of the file relative to lonnetCertificateDirectory |
|
# that has the host's private key. Did we remember to tell you to |
|
# keep the permissions on that file set to rw------- (0600)? |
|
# |
|
|
|
PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]} |
|
|
|
# Did we mention that the file described above must have |
|
# permissions really locked down so that it can't be stolen? |
|
|