1: ##
2: ## loncapa.conf -- Apache HTTP LON-CAPA configuration file
3: ##
4: ## $Id: loncapa.conf,v 1.9 2004/05/26 10:17:49 foxr Exp $
5: ##
6:
7: # ======================================= Machine Specific / Perl Configuration
8: #
9: # ------------------------ The variable values are also read and shared by lond
10:
11: # LON-internal HostID of this machine
12:
13: PerlSetVar lonHostID {[[[[lonHostID]]]]}
14:
15: # Role of this machine: library, access
16:
17: PerlSetVar lonRole {[[[[lonRole]]]]}
18:
19: # Server Administration
20:
21: PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]}
22:
23: # Default domain
24:
25: PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]}
26:
27: # Load Limit ( 100% loadavg )
28:
29: PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]}
30:
31: # User Load Limit ( 100% loadavg )
32:
33: PerlSetVar lonUserLoadLim {[[[[lonUserLoadLim]]]]}
34:
35: # Expiration for local copies and tokens in seconds
36:
37: PerlSetVar lonExpire {[[[[lonExpire]]]]}
38:
39: # Key to issue receipts
40:
41: PerlSetVar lonReceipt {[[[[lonReceipt]]]]}
42:
43: #
44: # The variables below control the behavior of secure lond:
45: #
46: #
47:
48: # londAllowInsecure allows lond to fall back to insecure connections
49: # in the event its peer is not yet updated to secure lonc.
50: # If you are certain all the systems you are communicating with
51: # are using secure lonc, uncomment the first definition and
52: # comment the second.
53:
54: # PerlSetVar londAllowInsecure {[[[[0]]]]}
55: PerlSetVar londAllowInsecure {[[[[1]]]]}
56:
57: # loncAllowInsecure allows lonc to fall back to negotiating an insecure
58: # connection with lond in the event the peer is not yet a secure lond.
59: # If you are certain that all systems you are communicating with
60: # are using secure lond, uncomment the next line and comment the
61: # second:
62:
63: # PerlSetVar loncAllowInsecure {[[[[0]]]]}
64: PerlSetVar loncAllowInsecure {[[[[1]]]]}
65:
66: #
67: # Secure lond/lonc require ssl certificate and private
68: # key files to function correctly. The certificate
69: # files need not be terribly secure, but the private key files
70: # should be set up so that only www (the lonc/lond effective user)
71: # can read them.
72: #
73: # The definition below is the full path to the directory that
74: # contains the certificate and key files:
75: #
76: PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]}
77:
78: #
79: # Secure lond/lonc require two certificates and a private host key.
80: # The certificates required are that of the lonCAPA certificate authority
81: # and the certificate that authority issued to this host.
82: # lonnetCertificateAuthority is the name of the file that contains the
83: # lonCAPA certificate authority's certificate.
84: # lonnetCertificate is the name of the file that contains the certificate
85: # issued to the host by the certificate authority.
86: # Both of these variables are names of files assumed to be in
87: # lonCertificateDirectory:
88:
89: PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]}
90: PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]}
91:
92: #
93: # To generate the request for a certificate, and to negotiate the
94: # initial ssl connection, the host requires a private key. This key
95: # is created at lonCAPA install time. Did we mention above that it
96: # should be set so that only www can read it? The variale below
97: # is the name of the file relative to lonnetCertificateDirectory
98: # that has the host's private key. Did we remember to tell you to
99: # keep the permissions on that file set to rw------- (0600)?
100: #
101:
102: PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]}
103:
104: # Did we mention that the file described above must have
105: # permissions really locked down so that it can't be stolen?
106:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>