Listen 443 https ServerName 10.60.0.1 DocumentRoot /var/www/html SSLEngine on SSLCertificateFile /etc/httpd/ssl/apache.crt SSLCertificateKeyFile /etc/httpd/ssl/apache.key SSLCACertificateFile /etc/httpd/ssl/ca.crt # mutual authentication SSLVerifyClient require SSLVerifyDepth 1 # ocsp validation SSLOCSPEnable on SSLOCSPDefaultResponder "http://10.60.0.1:8888" SSLOCSPOverrideResponder on SSLOCSPUseRequestNonce off # session management Session On SessionCookieName session path=/;HttpOnly;Secure # proteger AuthType Form AuthName "Coimbra VPN" AuthFormProvider PAM AuthPAMService httpd-totp AuthFormLoginRequiredLocation "/login.html" Require valid-user # public login page AuthType None Require all granted # login handler SetHandler form-login-handler AuthType Form AuthName "Coimbra VPN" AuthFormProvider PAM AuthPAMService httpd-totp Require all granted AuthFormLoginSuccessLocation "/index.html" AuthFormLoginRequiredLocation "/login.html?error=1" # logout handler SetHandler form-logout-handler AuthFormLogoutLocation "/login.html?loggedout=1"