version 1.9, 2004/05/26 10:17:49
|
version 1.13, 2004/06/29 15:00:25
|
Line 20 PerlSetVar lonRole {[[[[lonRo
|
Line 20 PerlSetVar lonRole {[[[[lonRo
|
|
|
PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]} |
PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]} |
|
|
|
# Support E-mail |
|
|
|
PerlSetVar lonSupportEMail {[[[[lonSupportEMail]]]]} |
|
|
# Default domain |
# Default domain |
|
|
PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]} |
PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]} |
Line 48 PerlSetVar lonReceipt {[[[[lonReceipt
|
Line 52 PerlSetVar lonReceipt {[[[[lonReceipt
|
# londAllowInsecure allows lond to fall back to insecure connections |
# londAllowInsecure allows lond to fall back to insecure connections |
# in the event its peer is not yet updated to secure lonc. |
# in the event its peer is not yet updated to secure lonc. |
# If you are certain all the systems you are communicating with |
# If you are certain all the systems you are communicating with |
# are using secure lonc, uncomment the first definition and |
# are using secure lonc, set it to 0 |
# comment the second. |
|
|
|
# PerlSetVar londAllowInsecure {[[[[0]]]]} |
PerlSetVar londAllowInsecure {[[[[londAllowInsecure]]]]} |
PerlSetVar londAllowInsecure {[[[[1]]]]} |
|
|
|
# loncAllowInsecure allows lonc to fall back to negotiating an insecure |
# loncAllowInsecure allows lonc to fall back to negotiating an insecure |
# connection with lond in the event the peer is not yet a secure lond. |
# connection with lond in the event the peer is not yet a secure lond. |
# If you are certain that all systems you are communicating with |
# If you are certain that all systems you are communicating with |
# are using secure lond, uncomment the next line and comment the |
# are using secure lond, set it to 0 |
# second: |
|
|
|
# PerlSetVar loncAllowInsecure {[[[[0]]]]} |
|
PerlSetVar loncAllowInsecure {[[[[1]]]]} |
|
|
|
# |
|
# Secure lond/lonc require ssl certificate and private |
|
# key files to function correctly. The certificate |
|
# files need not be terribly secure, but the private key files |
|
# should be set up so that only www (the lonc/lond effective user) |
|
# can read them. |
|
# |
|
# The definition below is the full path to the directory that |
|
# contains the certificate and key files: |
|
# |
|
PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]} |
|
|
|
# |
|
# Secure lond/lonc require two certificates and a private host key. |
|
# The certificates required are that of the lonCAPA certificate authority |
|
# and the certificate that authority issued to this host. |
|
# lonnetCertificateAuthority is the name of the file that contains the |
|
# lonCAPA certificate authority's certificate. |
|
# lonnetCertificate is the name of the file that contains the certificate |
|
# issued to the host by the certificate authority. |
|
# Both of these variables are names of files assumed to be in |
|
# lonCertificateDirectory: |
|
|
|
PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]} |
|
PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]} |
|
|
|
# |
|
# To generate the request for a certificate, and to negotiate the |
|
# initial ssl connection, the host requires a private key. This key |
|
# is created at lonCAPA install time. Did we mention above that it |
|
# should be set so that only www can read it? The variale below |
|
# is the name of the file relative to lonnetCertificateDirectory |
|
# that has the host's private key. Did we remember to tell you to |
|
# keep the permissions on that file set to rw------- (0600)? |
|
# |
|
|
|
PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]} |
|
|
|
# Did we mention that the file described above must have |
PerlSetVar loncAllowInsecure {[[[[loncAllowInsecure]]]]} |
# permissions really locked down so that it can't be stolen? |
|
|
|