WSGIDaemonProcess unfold processes=2 threads=25
WSGIProcessGroup unfold
CustomLog ${APACHE_LOG_DIR}/unfold-access.log common
ErrorLog ${APACHE_LOG_DIR}/unfold-error.log
WSGIScriptAlias / /usr/share/unfold/apache/unfold.wsgi
Order deny,allow
Allow from all
Alias /static/ /usr/share/unfold/static/
Order deny,allow
Allow from all
# This port (not necessarily well picked) is configured
# with client-certificate required
# corresponding trusted roots (e.g. ple.gid and plc.gid) should be
# configured in /etc/unfold/trusted_roots
# check Jordan's email and pointer to trac, although we do not want
# this to be optional on that port
WSGIDaemonProcess unfold-ssl processes=2 threads=25
WSGIProcessGroup unfold-ssl
CustomLog ${APACHE_LOG_DIR}/myslice-ssl-access.log common
ErrorLog ${APACHE_LOG_DIR}/myslice-ssl-error.log
WSGIScriptAlias / /usr/share/unfold/apache/unfold.wsgi
Order deny,allow
Allow from all
Alias /static/ /usr/share/unfold/static/
Order deny,allow
Allow from all
SSLEngine on
SSLVerifyClient require
SSLVerifyDepth 5
# make this a symlink to /etc/sfa/trusted_roots if that makes sense in your env.
SSLCACertificatePath /etc/unfold/trusted_roots
# see init-ssl.sh for how to create self-signed stuff in here
SSLCertificateFile /etc/unfold/myslice.cert
SSLCertificateKeyFile /etc/unfold/myslice.key
# SSLOptions +StdEnvVars +ExportCertData
SSLOptions +StdEnvVars