Project

General

Profile

« Previous | Next » 

Revision 5ac92956

Added by Benoît PECCATTE almost 7 years ago

Fixes #10958: Add ssl based authentication to policies

View differences:

rudder-server-relay/SOURCES/rudder-apache-relay-ssl.conf
# Provide nodes policies
Alias /policies /var/rudder/share
<Location /policies>
# ----------------------
SSLUserName SSL_CLIENT_S_DN_CN
SSLCACertificateFile /opt/rudder/etc/ssl/ca.cert
# This is the basic configuration for sub-directories of /var/rudder/share
# The is no Location nor alias because /var/rudder/share is not shared.
# Only subdirectories are shared (from rudder-share-acl.conf)
#
# Warning: Do not create any alias on /var/rudder/share itself !
#
<Directory /var/rudder/share>
SSLVerifyClient require
SSLRequireSSL
# rudder-networks.conf / rudder-networks-24.conf is automatically
# generated according to the hosts allowed by rudder.
......
<IfVersion >= 2.4>
Include /opt/rudder/etc/rudder-networks-24.conf
</IfVersion>
</Directory>
</Location>
# include directory specific authorization
<IfVersion < 2.4>
Include /opt/rudder/etc/rudder-share-acl.conf
</IfVersion>
<IfVersion >= 2.4>
Include /opt/rudder/etc/rudder-share-acl-24.conf
</IfVersion>

Also available in: Unified diff