diff options
Diffstat (limited to 'ipaserver/install/httpinstance.py')
-rw-r--r-- | ipaserver/install/httpinstance.py | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py index fe5f7aa9..04d1ed40 100644 --- a/ipaserver/install/httpinstance.py +++ b/ipaserver/install/httpinstance.py @@ -75,6 +75,7 @@ class HTTPInstance(service.Service): self.step("disabling mod_ssl in httpd", self.__disable_mod_ssl) self.step("setting mod_nss port to 443", self.__set_mod_nss_port) self.step("setting mod_nss password file", self.__set_mod_nss_passwordfile) + self.step("enabling mod_nss renegotiate", self.__enable_mod_nss_renegotiate) self.step("adding URL rewriting rules", self.__add_include) self.step("configuring httpd", self.__configure_http) self.step("setting up ssl", self.__setup_ssl) @@ -160,6 +161,10 @@ class HTTPInstance(service.Service): def __set_mod_nss_nickname(self, nickname): installutils.set_directive(NSS_CONF, 'NSSNickname', nickname) + def __enable_mod_nss_renegotiate(self): + installutils.set_directive(NSS_CONF, 'NSSRenegotiation', 'on',False) + installutils.set_directive(NSS_CONF, 'NSSRequireSafeNegotiation', 'on',False) + def __set_mod_nss_passwordfile(self): installutils.set_directive(NSS_CONF, 'NSSPassPhraseDialog', 'file:/etc/httpd/conf/password.conf') |