[BACK]Return to loncapassl.conf CVS log [TXT] [DIR] Up to [LON-CAPA] / doc / install / linux
File:  [LON-CAPA] / doc / install / linux / loncapassl.conf
Revision 1.1: download - view: text, annotated - select for diffs
Wed Jul 11 01:58:41 2018 UTC (6 years, 2 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, HEAD
- Add config file for Apache/SSL for use with SNI and SSL when replicating
  content from /raw/.
- Installer script will copy/modify standard loncapassl.conf file.

    1: <VirtualHost *:443>
    2: ServerName internal-{[[[[Hostname]]]]}
    3: DocumentRoot "/home/httpd/html"
    4: SSLEngine on
    5: SSLProtocol all -SSLv2
    6: SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
    7: SSLCertificateFile /home/httpd/lonCerts/lonhostnamecert.pem
    8: SSLCertificateKeyFile /home/httpd/lonCerts/lonKey.pem
    9: SSLCACertificateFile /home/httpd/lonCerts/loncapaCA.pem
   10: SSLCARevocationFile /home/httpd/lonCerts/loncapaCAcrl.pem
   11: SSLCARevocationCheck chain
   12: ErrorLog logs/ssl_LCerror_log
   13: TransferLog logs/ssl_LCaccess_log
   14: LogLevel warn
   15: CustomLog logs/ssl_LCrequest_log \
   16:           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
   17: RewriteEngine On
   18: RewriteCond %{REQUEST_URI} !^/raw/ [NC]
   19: RewriteCond %{HTTP_HOST} ^internal\-(.+) [NC]
   20: RewriteRule (.*) https://%1$1 [R=302,L,QSA]
   21: 
   22: <LocationMatch "^/+raw/.*">
   23: PerlAccessHandler Apache::lonracc
   24: SSLRequireSSL
   25: SSLVerifyClient require
   26: SSLVerifyDepth 2
   27: </LocationMatch>
   28: 
   29: </VirtualHost>
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>