source: mod_gnutls/test/ocsp_server.conf.in @ 94430e6

asynciodebian/masterdebian/stretch-backportsmainproxy-ticketupstream
Last change on this file since 94430e6 was 94430e6, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Test suite: Run a separate Apache instance for the OCSP responder

This change will be needed to cache OCSP responses on start (and
schedule) instead of when needed. An OCSP responder in the same Apache
instance won't be ready while the mod_gnutls post_config hook is
executing.

The changes to lock file handling included in this patch mean that
most parts of the test framework won't need to check which locking
method (if any) is used, they can just pass a lock file which is then
used for flock or PID file checks depending on ./configure results.
  • Property mode set to 100644
File size: 1.2 KB
Line 
1Define  OCSP_PORT       ${OCSP_PORT}
2Define  TEST_PORT       ${OCSP_PORT}
3
4Include ${srcdir}/base_apache.conf
5
6Include         ${srcdir}/cgi_module.conf
7LoadModule      env_module              ${AP_LIBEXECDIR}/mod_env.so
8LoadModule      rewrite_module          ${AP_LIBEXECDIR}/mod_rewrite.so
9
10# separate log and PID file
11CustomLog       logs/${TEST_NAME}.ocsp.access.log combined
12ErrorLog        logs/${TEST_NAME}.ocsp.error.log
13PidFile         ocsp@PID_AFFIX@.pid
14
15<IfDefine !OCSP_INDEX>
16        # Default index file, define OCSP_INDEX in the test specific
17        # config to override
18        Define  OCSP_INDEX      ${PWD}/authority/ocsp_index.txt
19</IfDefine>
20
21<VirtualHost _default_:${OCSP_PORT}>
22        RewriteEngine   On
23        RewriteRule     ^/ocsp(.*)      /ocsp.cgi$1     [L]
24        <Location /ocsp/>
25                # Some clients seem to have trouble with chunked
26                # encoding, so force HTTP/1.0 for now.
27                SetEnv  downgrade-1.0
28                # certificates and key for ocsp.cgi
29                SetEnv  CA_CERT         ${PWD}/authority/x509.pem
30                SetEnv  OCSP_INDEX      ${OCSP_INDEX}
31                SetEnv  OCSP_CERT       ${PWD}/ocsp-responder/x509.pem
32                SetEnv  OCSP_KEY        ${PWD}/ocsp-responder/secret.key
33                <If "-n osenv('OPENSSL')">
34                        # Pass OPENSSL variable to CGI script if set
35                        SetEnv  OPENSSL         ${OPENSSL}
36                </If>
37        </Location>
38        <Directory ${srcdir}/data>
39                Options +ExecCGI
40        </Directory>
41</VirtualHost>
Note: See TracBrowser for help on using the repository browser.