Wiki Markup
$HOME/\[app\]-\[version#\] and creating a symlink to $HOME/\[app\] so that there is
no question about what the current, in use, directory is.
Note: When downloading software to install in these instructions, always
download the source code, and avoid binary installers. Binary installers tend
to make inaccurate assumptions about what libraries you have installed on your
system, as well as other problems.
...
Please be aware, the organization (O) is:
Massachusetts Institute of Technology
and the common name (CN) is the name of the server or
service, including the domain name (.mit.edu). Also, some servers, such
as Thalia servers, can represent an entire subdomain. These servers
will need certificates issued with a wildcard in the domain name, such
as *.isda-thalia-1.mit.edu.
Wiki Markup
certificate and DNS record for *.[hostname], and if it is doing any type of
authentication, it will need a joint client/server certificate to be able
to connect to the Shibboleth server (and have end users connect to it as
well).
2db. To generate a self signed temporary certificate, add the x509 and
nodes options to the openssl command line.
...
| Code Block |
|---|
# points to directory withfor static tomcathtml webappsfiles DocumentRoot "/home/apache-tomcat-5.5.25/webapps/htdocs" # the servername of the server ServerName isda-ws2.mit.edu:443 # the admins of this server ServerAdmin dracus@mit.edu,dongq@mit.edu,dtanner@mit.edu # error log file ErrorLog /home/apache/logs/error_log # access log file TransferLog /home/apache/logs/access_log # public server certificate SSLCertificateFile /usr/local/ssl/certs/isda-ws2.pem # private server certificate SSLCertificateKeyFile /usr/local/ssl/private/https-key.pem #certificate path SSLCACertificatePath /usr/local/ssl/certs # certificate authority key SSLCACertificateFile /usr/local/ssl/certs/mitCA.pem SSLVerifyClient require SSLVerifyDepth 10 |
...