[pubcookie-users] Pubcookie virtual host support
dors at cac.washington.edu
Tue Jan 25 13:41:27 PST 2005
I think we've progressed beyond that, such that each virtual host
can have its own session key pair and encryption key obtained from
the keyserver. In my limited experience with this, you need to
define the usual pubcookie directives as defaults, which you can
then override in the vhost configs.
All this was introduced in 3.1, and here's the brief yet relevant
section from the install guide:
On Tue, 25 Jan 2005, Jim Hogan wrote:
> I am in the process of migrating two Apache virtual servers (test/development
> servers) onto a new box. Previously, just one of these was pubcookie
> protected, but it occurred to me that since I have unique IPs for each
> virtual server now, I could pubcookie both of them (which would be
> desirable). These will now run under Pubcookie 3.2 + Apache 2.
> How to pubcookie multiple virtual hosts has come up before. This thread from
> January 2003:
> Concluded with:
> "I got it working now. I think keyclient generates
> a DES keyfile with a filename (and maybe some "salt") extracted from the
> certificate that is configured in the pubcookie config. Seems as if this
> keyfile must be the "master", which has to be copied to the keyfiles
> with the names of the other virtual hosts. Mirko "
> Is this still a fair summary of the best approach under 3.2?
> pubcookie-users mailing list
> pubcookie-users at u.washington.edu
More information about the pubcookie-users