Revision 5ac92956
Added by Benoît PECCATTE almost 7 years ago
rudder-server-relay/SOURCES/rudder-apache-relay-ssl.conf | ||
---|---|---|
# Provide nodes policies
|
||
Alias /policies /var/rudder/share
|
||
<Location /policies>
|
||
# ----------------------
|
||
|
||
SSLUserName SSL_CLIENT_S_DN_CN
|
||
SSLCACertificateFile /opt/rudder/etc/ssl/ca.cert
|
||
|
||
# This is the basic configuration for sub-directories of /var/rudder/share
|
||
# The is no Location nor alias because /var/rudder/share is not shared.
|
||
# Only subdirectories are shared (from rudder-share-acl.conf)
|
||
#
|
||
# Warning: Do not create any alias on /var/rudder/share itself !
|
||
#
|
||
<Directory /var/rudder/share>
|
||
SSLVerifyClient require
|
||
SSLRequireSSL
|
||
|
||
# rudder-networks.conf / rudder-networks-24.conf is automatically
|
||
# generated according to the hosts allowed by rudder.
|
||
... | ... | |
<IfVersion >= 2.4>
|
||
Include /opt/rudder/etc/rudder-networks-24.conf
|
||
</IfVersion>
|
||
</Directory>
|
||
|
||
</Location>
|
||
# include directory specific authorization
|
||
<IfVersion < 2.4>
|
||
Include /opt/rudder/etc/rudder-share-acl.conf
|
||
</IfVersion>
|
||
<IfVersion >= 2.4>
|
||
Include /opt/rudder/etc/rudder-share-acl-24.conf
|
||
</IfVersion>
|
||
|
Also available in: Unified diff
Fixes #10958: Add ssl based authentication to policies