##
## loncapa.conf -- Apache HTTP LON-CAPA configuration file
##
## $Id: loncapa.conf,v 1.9 2004/05/26 10:17:49 foxr Exp $
##
# ======================================= Machine Specific / Perl Configuration
#
# ------------------------ The variable values are also read and shared by lond
# LON-internal HostID of this machine
PerlSetVar lonHostID {[[[[lonHostID]]]]}
# Role of this machine: library, access
PerlSetVar lonRole {[[[[lonRole]]]]}
# Server Administration
PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]}
# Default domain
PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]}
# Load Limit ( 100% loadavg )
PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]}
# User Load Limit ( 100% loadavg )
PerlSetVar lonUserLoadLim {[[[[lonUserLoadLim]]]]}
# Expiration for local copies and tokens in seconds
PerlSetVar lonExpire {[[[[lonExpire]]]]}
# Key to issue receipts
PerlSetVar lonReceipt {[[[[lonReceipt]]]]}
#
# The variables below control the behavior of secure lond:
#
#
# londAllowInsecure allows lond to fall back to insecure connections
# in the event its peer is not yet updated to secure lonc.
# If you are certain all the systems you are communicating with
# are using secure lonc, uncomment the first definition and
# comment the second.
# PerlSetVar londAllowInsecure {[[[[0]]]]}
PerlSetVar londAllowInsecure {[[[[1]]]]}
# loncAllowInsecure allows lonc to fall back to negotiating an insecure
# connection with lond in the event the peer is not yet a secure lond.
# If you are certain that all systems you are communicating with
# are using secure lond, uncomment the next line and comment the
# second:
# PerlSetVar loncAllowInsecure {[[[[0]]]]}
PerlSetVar loncAllowInsecure {[[[[1]]]]}
#
# Secure lond/lonc require ssl certificate and private
# key files to function correctly. The certificate
# files need not be terribly secure, but the private key files
# should be set up so that only www (the lonc/lond effective user)
# can read them.
#
# The definition below is the full path to the directory that
# contains the certificate and key files:
#
PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]}
#
# Secure lond/lonc require two certificates and a private host key.
# The certificates required are that of the lonCAPA certificate authority
# and the certificate that authority issued to this host.
# lonnetCertificateAuthority is the name of the file that contains the
# lonCAPA certificate authority's certificate.
# lonnetCertificate is the name of the file that contains the certificate
# issued to the host by the certificate authority.
# Both of these variables are names of files assumed to be in
# lonCertificateDirectory:
PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]}
PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]}
#
# To generate the request for a certificate, and to negotiate the
# initial ssl connection, the host requires a private key. This key
# is created at lonCAPA install time. Did we mention above that it
# should be set so that only www can read it? The variale below
# is the name of the file relative to lonnetCertificateDirectory
# that has the host's private key. Did we remember to tell you to
# keep the permissions on that file set to rw------- (0600)?
#
PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]}
# Did we mention that the file described above must have
# permissions really locked down so that it can't be stolen?
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>