{"type":"doc","content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Apache 2.4 - Notice the SSL configuration is included as SSL is required for Shibboleth login.","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":" \n ServerName pcr360.pcr.com \n ErrorLog logs/ssl_error_log \n TransferLog logs/ssl_access_log \n LogLevel warn \n\n SSLEngine on\n # TLS 1.2 is currently considered the only secure transport type at this time\n SSLProtocol -all +TLSv1.2 +TLSv1.3\n SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM SSLHonorCipherOrder on\n SSLCertificateFile /etc/pki/tls/certs/pcr360_pcr_com_cert.cer \n SSLCertificateChainFile /etc/pki/tls/certs/pcr360_pcr_com_interm.cer S\n SLCertificateKeyFile /etc/pki/tls/private/pcr360.pcr.com.key \n\n DocumentRoot /var/www/pcr360/prod/public \n SetEnv APPLICATION_ENV \"prod\" \n SetEnv APPLICATION_INI \"/home/vcu/pcr360/configs/pcr.ini\" \n\n # file system\n \n DirectoryIndex index.php\n AllowOverride None\n Include /var/www/pcr360/prod/public/.htaccess\n Require all granted\n \n\n # Require all traffic to go through shibboleth authentication, except the metadata\n \n Order deny,allow\n Deny from all\n AuthType shibboleth\n ShibRequireSession On\n # ShibRequestSetting applicationId is used in multi server configurations only\n # The setting goes into the virtual host for the test server in order to\n # specify the name of the corresponding ApplicationOverride ID in the shibboleth.2.xml file\n # ShibRequestSetting applicationId pcr360test\n ShibRedirectToSSL 443\n ExpiresActive Off\n require valid-user\n #Allow from 74.124.26.130\n Satisfy Any\n \n\n \n Require all granted\n \n\n \n\t\tSSLOptions +StdEnvVars \n\t \n","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Apache 2.2","type":"text"}]},{"type":"codeBlock","attrs":{"language":"shell"},"content":[{"text":"\n\tServerName pcr360.pcr.com\n \n\tErrorLog logs/ssl_error_log\n\tTransferLog logs/ssl_access_log\n\tLogLevel warn\n \n\tSSLEngine on\n # TLS 1.2 is currently considered the only secure transport type at this time\n\tSSLProtocol -all +TLSv1.2 \n\tSSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS \n\tSSLHonorCipherOrder on\n\tSSLCertificateFile /etc/pki/tls/certs/pcr360_pcr_com_cert.cer\n\tSSLCertificateChainFile /etc/pki/tls/certs/pcr360_pcr_com_interm.cer\n\tSSLCertificateKeyFile /etc/pki/tls/private/pcr360.pcr.com.key\n \n\tDocumentRoot /var/www/pcr360/prod/public\n \n\tSetEnv APPLICATION_ENV \"prod\"\n\tSetEnv APPLICATION_INI \"/home/vcu/pcr360/configs/pcr.ini\"\n\n \n\t\n\t\tDirectoryIndex index.php\n\t\tAllowOverride All\n\t\tOrder allow,deny\n\t\tAllow from all\n\t\n \n\t\n\t\tOrder deny,allow\n\t\tDeny from all\n\t\tAuthType shibboleth\n\t\tShibCompatWith24 On\n\t\tSShibRequestSetting requireSession 1\n ShibRequestSetting redirectToSSL 443 \n\t\t# ShibRequestSetting applicationId is used in multi server configurations only\n # The setting goes into the virtual host for the test server in order to \n # specify the name of the corresponding ApplicationOverride ID in the shibboleth.2.xml file\n #ShibRequestSetting applicationId pcr360test\n\t\tExpiresActive Off\n\t\trequire valid-user\n\t\tAllow from 74.124.26.199\n\t\tSatisfy Any\n\t\n \n\t\n\t\tAllow from all\n\t\n \n\t\n\t\tSSLOptions +StdEnvVars\n\t\n","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}],"version":1}

Browser not supported