diff options
| author | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-10-29 04:43:21 +0000 |
|---|---|---|
| committer | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-10-29 04:43:21 +0000 |
| commit | db615a895b644af038308ae71b680f1d93f78f70 (patch) | |
| tree | 6d1a4510d625fd4d6afe2848b8de686af74a118a /pki/base/ca/shared/conf/proxy.conf | |
| parent | a8a64c7f1dcaf3012fa8d3cd164c890ceb146d0d (diff) | |
| download | pki-db615a895b644af038308ae71b680f1d93f78f70.tar.gz pki-db615a895b644af038308ae71b680f1d93f78f70.tar.xz pki-db615a895b644af038308ae71b680f1d93f78f70.zip | |
Bugzilla Bug #737761 - Update Dogtag Packages for Fedora 16DOGTAG_9_0_FEDORA_15_16_17_20111028
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/DOGTAG_9_0_FEDORA_15_16_17_20111028@2279 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/ca/shared/conf/proxy.conf')
| -rw-r--r-- | pki/base/ca/shared/conf/proxy.conf | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/pki/base/ca/shared/conf/proxy.conf b/pki/base/ca/shared/conf/proxy.conf new file mode 100644 index 000000000..663ba5722 --- /dev/null +++ b/pki/base/ca/shared/conf/proxy.conf @@ -0,0 +1,34 @@ +ProxyRequests Off + +# matches for ee port +<LocationMatch "^/ca/ee/*|^/ca/renewal|^/ca/certbasedenrollment|^/ca/ocsp|^/ca/enrollment|^/ca/profileSubmit|^/ca/cgi-bin/pkiclient.exe"> + NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate + NSSVerifyClient none + ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ +</LocationMatch> + +# matches for admin port +<LocationMatch "^/ca/admin/*|^/ca/auths|^/ca/acl|^/ca/server|^/ca/caadmin|^/ca/caprofile|^/ca/jobsScheduler|^/ca/capublisher|^/ca/log|^/ca/ug"> + NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate + NSSVerifyClient none + ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ +</LocationMatch> + +# matches for agent port and eeca port +<LocationMatch "^/ca/agent/*|^/ca/ca/getCertFromRequest|^/ca/ca/GetBySerial|^/ca/ca/connector|/ca/ca/displayCertFromRequest|^/ca/doRevoke|^/ca/eeca/*"> + NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate + NSSVerifyClient require + ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ +</LocationMatch> + +# static content +<LocationMatch "^/graphics/*"> + NSSOptions +StdEnvVars +ExportCertData +StrictRequire +OptRenegotiate + NSSVerifyClient none + ProxyPassMatch ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ + ProxyPassReverse ajp://[PKI_MACHINE_NAME]:[PKI_AJP_PORT]/ +</LocationMatch> + |