version 1.9, 2004/05/26 10:17:49
|
version 1.11, 2004/06/01 09:55:04
|
Line 10
|
Line 10
|
|
|
# LON-internal HostID of this machine |
# LON-internal HostID of this machine |
|
|
PerlSetVar lonHostID {[[[[lonHostID]]]]} |
PerlSetVar lonHostID lonkashy |
|
|
# Role of this machine: library, access |
# Role of this machine: library, access |
|
|
PerlSetVar lonRole {[[[[lonRole]]]]} |
PerlSetVar lonRole library |
|
|
# Server Administration |
# Server Administration |
|
|
PerlSetVar lonAdmEMail {[[[[lonAdmEMail]]]]} |
PerlSetVar lonAdmEMail fox@nscl.msu.edu |
|
|
# Default domain |
# Default domain |
|
|
PerlSetVar lonDefDomain {[[[[lonDefDomain]]]]} |
PerlSetVar lonDefDomain nscl |
|
|
# Load Limit ( 100% loadavg ) |
# Load Limit ( 100% loadavg ) |
|
|
PerlSetVar lonLoadLim {[[[[lonLoadLim]]]]} |
PerlSetVar lonLoadLim 100 |
|
|
# User Load Limit ( 100% loadavg ) |
# User Load Limit ( 100% loadavg ) |
|
|
PerlSetVar lonUserLoadLim {[[[[lonUserLoadLim]]]]} |
PerlSetVar lonUserLoadLim 100 |
|
|
# Expiration for local copies and tokens in seconds |
# Expiration for local copies and tokens in seconds |
|
|
PerlSetVar lonExpire {[[[[lonExpire]]]]} |
PerlSetVar lonExpire 3600 |
|
|
# Key to issue receipts |
# Key to issue receipts |
|
|
PerlSetVar lonReceipt {[[[[lonReceipt]]]]} |
PerlSetVar lonReceipt 12345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345123451234512345 |
|
|
# |
# |
# The variables below control the behavior of secure lond: |
# The variables below control the behavior of secure lond: |
Line 51 PerlSetVar lonReceipt {[[[[lonReceipt
|
Line 51 PerlSetVar lonReceipt {[[[[lonReceipt
|
# are using secure lonc, uncomment the first definition and |
# are using secure lonc, uncomment the first definition and |
# comment the second. |
# comment the second. |
|
|
# PerlSetVar londAllowInsecure {[[[[0]]]]} |
# PerlSetVar londAllowInsecure 0 |
PerlSetVar londAllowInsecure {[[[[1]]]]} |
PerlSetVar londAllowInsecure 1 |
|
|
# loncAllowInsecure allows lonc to fall back to negotiating an insecure |
# loncAllowInsecure allows lonc to fall back to negotiating an insecure |
# connection with lond in the event the peer is not yet a secure lond. |
# connection with lond in the event the peer is not yet a secure lond. |
Line 60 PerlSetVar londAllowInsecure {[[[[1]]]]}
|
Line 60 PerlSetVar londAllowInsecure {[[[[1]]]]}
|
# are using secure lond, uncomment the next line and comment the |
# are using secure lond, uncomment the next line and comment the |
# second: |
# second: |
|
|
# PerlSetVar loncAllowInsecure {[[[[0]]]]} |
# PerlSetVar loncAllowInsecure 0 |
PerlSetVar loncAllowInsecure {[[[[1]]]]} |
PerlSetVar loncAllowInsecure 1 |
|
|
# |
|
# Secure lond/lonc require ssl certificate and private |
|
# key files to function correctly. The certificate |
|
# files need not be terribly secure, but the private key files |
|
# should be set up so that only www (the lonc/lond effective user) |
|
# can read them. |
|
# |
|
# The definition below is the full path to the directory that |
|
# contains the certificate and key files: |
|
# |
|
PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]} |
|
|
|
# |
|
# Secure lond/lonc require two certificates and a private host key. |
|
# The certificates required are that of the lonCAPA certificate authority |
|
# and the certificate that authority issued to this host. |
|
# lonnetCertificateAuthority is the name of the file that contains the |
|
# lonCAPA certificate authority's certificate. |
|
# lonnetCertificate is the name of the file that contains the certificate |
|
# issued to the host by the certificate authority. |
|
# Both of these variables are names of files assumed to be in |
|
# lonCertificateDirectory: |
|
|
|
PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]} |
|
PerlSetVar lonnetCertificate {[[[[lonhostcert.pem]]]]} |
|
|
|
# |
|
# To generate the request for a certificate, and to negotiate the |
|
# initial ssl connection, the host requires a private key. This key |
|
# is created at lonCAPA install time. Did we mention above that it |
|
# should be set so that only www can read it? The variale below |
|
# is the name of the file relative to lonnetCertificateDirectory |
|
# that has the host's private key. Did we remember to tell you to |
|
# keep the permissions on that file set to rw------- (0600)? |
|
# |
|
|
|
PerlSetVar lonnetPrivateKey {[[[[lonKey.pem]]]]} |
|
|
|
# Did we mention that the file described above must have |
|
# permissions really locked down so that it can't be stolen? |
|
|
|