doc/install/linux/loncapassl.conf - view

Return to loncapassl.conf CVS log

Up to [LON-CAPA] / doc / install / linux

File: [LON-CAPA] / doc / install / linux / loncapassl.conf
Revision 1.1: download - view: text, annotated - select for diffs
Wed Jul 11 01:58:41 2018 UTC (5 years, 9 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, HEAD

- Add config file for Apache/SSL for use with SNI and SSL when replicating
  content from /raw/.
- Installer script will copy/modify standard loncapassl.conf file.

<VirtualHost *:443>
ServerName internal-{[[[[Hostname]]]]}
DocumentRoot "/home/httpd/html"
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile /home/httpd/lonCerts/lonhostnamecert.pem
SSLCertificateKeyFile /home/httpd/lonCerts/lonKey.pem
SSLCACertificateFile /home/httpd/lonCerts/loncapaCA.pem
SSLCARevocationFile /home/httpd/lonCerts/loncapaCAcrl.pem
SSLCARevocationCheck chain
ErrorLog logs/ssl_LCerror_log
TransferLog logs/ssl_LCaccess_log
LogLevel warn
CustomLog logs/ssl_LCrequest_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/raw/ [NC]
RewriteCond %{HTTP_HOST} ^internal\-(.+) [NC]
RewriteRule (.*) https://%1$1 [R=302,L,QSA]

<LocationMatch "^/+raw/.*">
PerlAccessHandler Apache::lonracc
SSLRequireSSL
SSLVerifyClient require
SSLVerifyDepth 2
</LocationMatch>

</VirtualHost>

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>