--- loncom/loncapa.conf	2004/05/26 10:17:49	1.9
+++ loncom/loncapa.conf	2004/06/01 14:58:12	1.12
@@ -1,7 +1,7 @@
 ##
 ## loncapa.conf -- Apache HTTP LON-CAPA configuration file
 ##
-## $Id: loncapa.conf,v 1.9 2004/05/26 10:17:49 foxr Exp $
+## $Id: loncapa.conf,v 1.12 2004/06/01 14:58:12 albertel Exp $
 ##
 
 # ======================================= Machine Specific / Perl Configuration
@@ -48,59 +48,14 @@ PerlSetVar	 lonReceipt   {[[[[lonReceipt
 #  londAllowInsecure allows lond to fall back to insecure connections
 #  in the event its peer is not yet updated to secure lonc.
 #  If you are certain all the systems you are communicating with
-#  are using secure lonc, uncomment the first definition and
-#  comment the second.
+#  are using secure lonc, set it to 0
 
-# PerlSetVar londAllowInsecure {[[[[0]]]]}
-PerlSetVar londAllowInsecure {[[[[1]]]]}
+PerlSetVar londAllowInsecure {[[[[londAllowInsecure]]]]}
 
 # loncAllowInsecure allows lonc to fall back to negotiating an insecure
 # connection with lond in the event the peer is not yet a secure lond.
 # If you are certain that all systems you are communicating with 
-# are using secure lond, uncomment the next line and comment the
-# second:
+# are using secure lond,  set it to 0
 
-# PerlSetVar loncAllowInsecure {[[[[0]]]]}
-PerlSetVar   loncAllowInsecure {[[[[1]]]]}
-
-#
-#   Secure lond/lonc require ssl certificate and private
-#   key files to function correctly.  The certificate
-#   files need not be terribly secure, but the private key files
-#   should be set up so that only www (the lonc/lond effective user)
-#   can read them.
-# 
-#   The definition below is the full path to the directory that
-#   contains the certificate and key files:
-#
-PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]}
-
-#
-#  Secure lond/lonc require two certificates and a private host key.
-#  The certificates required are that of the lonCAPA certificate authority
-#  and the certificate that authority issued to this host.
-#  lonnetCertificateAuthority is the name of the file that contains the
-#                            lonCAPA certificate authority's certificate.
-#  lonnetCertificate is the name of the file that contains the certificate
-#                    issued to the host by the certificate authority.
-#  Both of these variables are names of files assumed to be in 
-#  lonCertificateDirectory:
-
-PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]}
-PerlSetVar lonnetCertificate          {[[[[lonhostcert.pem]]]]}
-
-#
-#  To generate the request for a certificate, and to negotiate the
-#  initial ssl connection, the host requires a private key.  This key
-#  is created at lonCAPA install time.  Did we mention above that it
-#  should be set so that only www can read it?  The variale below
-#  is the name of the file relative to lonnetCertificateDirectory
-#  that has the host's private key.  Did we remember to tell you to
-#  keep the permissions on that file set to rw-------  (0600)?
-#  
-
-PerlSetVar lonnetPrivateKey         {[[[[lonKey.pem]]]]}
-
-# Did we mention that the file described above must have
-# permissions really locked down so that it can't be stolen?
+PerlSetVar   loncAllowInsecure {[[[[loncAllowInsecure]]]]}