hmmmm4

2026-04-27 13:21:58 +01:00
parent 5bd7355e8b
commit ddb5ad81ac
11 changed files with 750 additions and 401 deletions
--- a/conf/ssl.conf
+++ b/conf/ssl.conf
@@ -8,21 +8,21 @@ Listen 443 https
    SSLCertificateKeyFile /etc/httpd/ssl/apache.key
    SSLCACertificateFile /etc/httpd/ssl/ca.crt

-    # Mutual Authentication (Client Cert)
+    # mutual authentication
    SSLVerifyClient require
    SSLVerifyDepth 1

-    # OCSP Validation against CA
+    # ocsp validation
    SSLOCSPEnable on
    SSLOCSPDefaultResponder "http://10.60.0.1:8888"
    SSLOCSPOverrideResponder on
    SSLOCSPUseRequestNonce off

-    # Session management for Form Auth
+    # session management 
    Session On
    SessionCookieName session path=/;HttpOnly;Secure

-    # Protected Area
+    # proteger
    <Location "/">
        AuthType Form
        AuthName "Coimbra VPN"
@@ -32,26 +32,28 @@ Listen 443 https
        Require valid-user
    </Location>

-    # Public Login Page
+    # public login page
    <Location "/login.html">
        AuthType None
        Require all granted
    </Location>

-    # Login Handler
+    # login handler
    <Location "/dologin">
        SetHandler form-login-handler
        AuthType Form
        AuthName "Coimbra VPN"
        AuthFormProvider PAM
        AuthPAMService httpd-totp
+        Require all granted
        AuthFormLoginSuccessLocation "/index.html"
        AuthFormLoginRequiredLocation "/login.html?error=1"
    </Location>

-    # Logout Handler
+    # logout handler
    <Location "/logout">
        SetHandler form-logout-handler
        AuthFormLogoutLocation "/login.html?loggedout=1"
    </Location>
+
 </VirtualHost>