--- loncom/loncapa.conf 2004/05/26 10:17:49 1.9 +++ loncom/loncapa.conf 2004/06/01 09:55:04 1.11 @@ -1,7 +1,7 @@ ## ## loncapa.conf -- Apache HTTP LON-CAPA configuration file ## -## $Id: loncapa.conf,v 1.9 2004/05/26 10:17:49 foxr Exp $ +## $Id: loncapa.conf,v 1.11 2004/06/01 09:55:04 foxr Exp $ ## # ======================================= Machine Specific / Perl Configuration @@ -10,35 +10,35 @@ # LON-internal HostID of this machine -PerlSetVar lonHostID {[[[[lonHostID]]]]} +PerlSetVar lonHostID lonkashy # Role of this machine: library, access -PerlSetVar lonRole {[[[[lonRole]]]]} +PerlSetVar lonRole library # Server Administration -PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]} +PerlSetVar lonAdmEMail fox@nscl.msu.edu # Default domain -PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]} +PerlSetVar lonDefDomain nscl # Load Limit ( 100% loadavg ) -PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]} +PerlSetVar lonLoadLim 100 # User Load Limit ( 100% loadavg ) -PerlSetVar lonUserLoadLim {[[[[lonUserLoadLim]]]]} +PerlSetVar lonUserLoadLim 100 # Expiration for local copies and tokens in seconds -PerlSetVar lonExpire {[[[[lonExpire]]]]} +PerlSetVar lonExpire 3600 # Key to issue receipts -PerlSetVar lonReceipt {[[[[lonReceipt]]]]} +PerlSetVar lonReceipt 12345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345 # # The variables below control the behavior of secure lond: @@ -51,8 +51,8 @@ PerlSetVar lonReceipt {[[[[lonReceipt # are using secure lonc, uncomment the first definition and # comment the second. -# PerlSetVar londAllowInsecure {[[[[0]]]]} -PerlSetVar londAllowInsecure {[[[[1]]]]} +# PerlSetVar londAllowInsecure 0 +PerlSetVar londAllowInsecure 1 # loncAllowInsecure allows lonc to fall back to negotiating an insecure # connection with lond in the event the peer is not yet a secure lond. @@ -60,47 +60,6 @@ PerlSetVar londAllowInsecure {[[[[1]]]]} # are using secure lond, uncomment the next line and comment the # second: -# PerlSetVar loncAllowInsecure {[[[[0]]]]} -PerlSetVar loncAllowInsecure {[[[[1]]]]} - -# -# Secure lond/lonc require ssl certificate and private -# key files to function correctly. The certificate -# files need not be terribly secure, but the private key files -# should be set up so that only www (the lonc/lond effective user) -# can read them. -# -# The definition below is the full path to the directory that -# contains the certificate and key files: -# -PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]} - -# -# Secure lond/lonc require two certificates and a private host key. -# The certificates required are that of the lonCAPA certificate authority -# and the certificate that authority issued to this host. -# lonnetCertificateAuthority is the name of the file that contains the -# lonCAPA certificate authority's certificate. -# lonnetCertificate is the name of the file that contains the certificate -# issued to the host by the certificate authority. -# Both of these variables are names of files assumed to be in -# lonCertificateDirectory: - -PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]} -PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]} - -# -# To generate the request for a certificate, and to negotiate the -# initial ssl connection, the host requires a private key. This key -# is created at lonCAPA install time. Did we mention above that it -# should be set so that only www can read it? The variale below -# is the name of the file relative to lonnetCertificateDirectory -# that has the host's private key. Did we remember to tell you to -# keep the permissions on that file set to rw------- (0600)? -# - -PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]} - -# Did we mention that the file described above must have -# permissions really locked down so that it can't be stolen? +# PerlSetVar loncAllowInsecure 0 +PerlSetVar loncAllowInsecure 1