vasco/FSI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ebc05382b333beeb057610f04be0ebb548b9dbc7
FSI/conf/ssl.conf
Vasco 457018b127 www
2026-04-25 17:28:37 +01:00

58 lines
1.5 KiB
Plaintext
Raw Blame History

Listen 443 https
<VirtualHost *:443>
ServerName 10.60.0.1
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/apache.crt
SSLCertificateKeyFile /etc/httpd/ssl/apache.key
SSLCACertificateFile /etc/httpd/ssl/ca.crt
# Mutual Authentication (Client Cert)
SSLVerifyClient require
SSLVerifyDepth 1
# OCSP Validation against CA
SSLOCSPEnable on
SSLOCSPDefaultResponder "http://10.60.0.1:8888"
SSLOCSPOverrideResponder on
SSLOCSPUseRequestNonce off
# Session management for Form Auth
Session On
SessionCookieName session path=/;HttpOnly;Secure
# Protected Area
<Location "/">
AuthType Form
AuthName "Coimbra VPN"
AuthFormProvider PAM
AuthPAMService httpd-totp
AuthFormLoginRequiredLocation "/login.html"
Require valid-user
</Location>
# Public Login Page
<Location "/login.html">
AuthType None
Require all granted
</Location>
# Login Handler
<Location "/dologin">
SetHandler form-login-handler
AuthType Form
AuthName "Coimbra VPN"
AuthFormProvider PAM
AuthPAMService httpd-totp
AuthFormLoginSuccessLocation "/index.html"
AuthFormLoginRequiredLocation "/login.html?error=1"
</Location>
# Logout Handler
<Location "/logout">
SetHandler form-logout-handler
AuthFormLogoutLocation "/login.html?loggedout=1"
</Location>
</VirtualHost>
Reference in New Issue View Git Blame Copy Permalink