Diff for /loncom/loncapa.conf between versions 1.8 and 1.9

version 1.8, 2003/05/08 22:08:18 version 1.9, 2004/05/26 10:17:49
Line 39  PerlSetVar       lonExpire    {[[[[lonEx Line 39  PerlSetVar       lonExpire    {[[[[lonEx
 # Key to issue receipts  # Key to issue receipts
     
 PerlSetVar lonReceipt   {[[[[lonReceipt]]]]}  PerlSetVar lonReceipt   {[[[[lonReceipt]]]]}
   
   #
   #   The variables below control the behavior of secure lond:
   #
   #
   
   #  londAllowInsecure allows lond to fall back to insecure connections
   #  in the event its peer is not yet updated to secure lonc.
   #  If you are certain all the systems you are communicating with
   #  are using secure lonc, uncomment the first definition and
   #  comment the second.
   
   # PerlSetVar londAllowInsecure {[[[[0]]]]}
   PerlSetVar londAllowInsecure {[[[[1]]]]}
   
   # loncAllowInsecure allows lonc to fall back to negotiating an insecure
   # connection with lond in the event the peer is not yet a secure lond.
   # If you are certain that all systems you are communicating with 
   # are using secure lond, uncomment the next line and comment the
   # second:
   
   # PerlSetVar loncAllowInsecure {[[[[0]]]]}
   PerlSetVar   loncAllowInsecure {[[[[1]]]]}
   
   #
   #   Secure lond/lonc require ssl certificate and private
   #   key files to function correctly.  The certificate
   #   files need not be terribly secure, but the private key files
   #   should be set up so that only www (the lonc/lond effective user)
   #   can read them.
   # 
   #   The definition below is the full path to the directory that
   #   contains the certificate and key files:
   #
   PerlSetVar lonCertificateDirectory {[[[[/home/httpd/lonCerts]]]]}
   
   #
   #  Secure lond/lonc require two certificates and a private host key.
   #  The certificates required are that of the lonCAPA certificate authority
   #  and the certificate that authority issued to this host.
   #  lonnetCertificateAuthority is the name of the file that contains the
   #                            lonCAPA certificate authority's certificate.
   #  lonnetCertificate is the name of the file that contains the certificate
   #                    issued to the host by the certificate authority.
   #  Both of these variables are names of files assumed to be in 
   #  lonCertificateDirectory:
   
   PerlSetVar lonnetCertificateAuthority {[[[[loncapaCA.pem]]]]}
   PerlSetVar lonnetCertificate          {[[[[lonhostcert.pem]]]]}
   
   #
   #  To generate the request for a certificate, and to negotiate the
   #  initial ssl connection, the host requires a private key.  This key
   #  is created at lonCAPA install time.  Did we mention above that it
   #  should be set so that only www can read it?  The variale below
   #  is the name of the file relative to lonnetCertificateDirectory
   #  that has the host's private key.  Did we remember to tell you to
   #  keep the permissions on that file set to rw-------  (0600)?
   #  
   
   PerlSetVar lonnetPrivateKey         {[[[[lonKey.pem]]]]}
   
   # Did we mention that the file described above must have
   # permissions really locked down so that it can't be stolen?
   

Removed from v.1.8  
changed lines
  Added in v.1.9


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>