This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_http [2022/10/06 06:51] val [Управление доступом к HTTP серверу с использованием GSSAPI аутентификации] |
сервис_http [2023/01/08 07:01] val [Поддержка протокола HTTPS] |
||
---|---|---|---|
Line 539: | Line 539: | ||
===== Поддержка протокола HTTPS ===== | ===== Поддержка протокола HTTPS ===== | ||
+ | * [[https://stackoverflow.com/questions/31370454/sslcertificatechainfile-is-obsolete|SSLCertificateChainFile is now obsolete, and any intermediate certificates are supposed to be included in the server certificate file]] | ||
==== Debian/Ubuntu ==== | ==== Debian/Ubuntu ==== | ||
<code> | <code> | ||
Line 814: | Line 815: | ||
[[http://grolmsnet.de/kerbtut/firefox.html]] | [[http://grolmsnet.de/kerbtut/firefox.html]] | ||
- | ==== Управление доступом к HTTP серверу с использованием GSSAPI аутентификации ==== | + | ==== Управление доступом к HTTP серверу с использованием OAuth2 аутентификации ==== |
- | <code> | + | * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] |
+ | * [[Инструмент GitLab#Сервер OAuth2]] из GitLab | ||
+ | <code> | ||
+ | gate# apt install libapache2-mod-auth-openidc | ||
+ | </code><code> | ||
+ | gate# cat /etc/apache2/sites-available/000-default.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | OIDCSSLValidateServer Off | ||
+ | OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration | ||
+ | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | ||
+ | OIDCClientID e...............................................4 | ||
+ | OIDCClientSecret 7.................................................4 | ||
+ | OIDCCryptoPassphrase anystring | ||
+ | ... | ||
+ | </code><code> | ||
+ | # cat /etc/apache2/conf-available/serve-cgi-bin.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | #Require all granted | ||
+ | AuthType openid-connect | ||
+ | Require valid-user | ||
+ | ... | ||
+ | </code><code> | ||
+ | Проверка: http://gate.corp13.un/cgi-bin/test-cgi/ !!! Последний / обязательно !!! | ||
</code> | </code> | ||