change some coments relative to ssl in config files

httptests
UbitUmarov 2016-10-10 20:14:02 +01:00
parent 80d4f76d18
commit 6b0094645c
2 changed files with 47 additions and 13 deletions

View File

@ -46,22 +46,28 @@
[Const] [Const]
; For a grid these will usually be the externally accessible IP/DNS ; this section defines constants for grid services
; name and use default public port 8002 and default private port 8003 ; to simplify other configuration files default settings
; For a standalone this will usually be the externally accessible IP/DNS
; name and use default public port 9000. The private port is not used
; in the configuration for a standalone.
;# {BaseURL} {} {BaseURL} {"http://example.com" "http://127.0.0.1"} "http://127.0.0.1" ; BaseURL
; should be the externally accessible IP/DNS name of grid or standalone
; http://externalHostName or https://externalHostName if using ssl
; examples: http://mymachine.example.com, https://mymachine.example.com, https://127.0.0.1
; default: http://127.0.0.1
;# {BaseURL} {} {BaseURL} {"http://example.com" "http://127.0.0.1"} ""
BaseURL = http://127.0.0.1 BaseURL = http://127.0.0.1
;# {PublicPort} {} {PublicPort} {8002 9000} "8002" ; default public port
; usually 8002 for grids.
; on standalones it needs to match http_listener_port or http_listener_sslport if using ssl
; in [Network] section below (defaults 9000 or 9001 if using ssl)
;# {PublicPort} {} {PublicPort} {8002 9000 9001} "8002"
PublicPort = "8002" PublicPort = "8002"
;grid default private port 8003, not used in standalone
;# {PrivatePort} {} {PrivatePort} {8003} "8003" ;# {PrivatePort} {} {PrivatePort} {8003} "8003"
PrivatePort = "8003" PrivatePort = "8003"
[Startup] [Startup]
;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) " ;# {ConsolePrompt} {} {ConsolePrompt} {} "Region (\R) "
;; Console prompt ;; Console prompt
@ -437,7 +443,6 @@
;; Password for the default estate owner ;; Password for the default estate owner
; DefaultEstateOwnerPassword = password ; DefaultEstateOwnerPassword = password
[SMTP] [SMTP]
;; The SMTP server enabled the email module to send email to external ;; The SMTP server enabled the email module to send email to external
;; destinations. ;; destinations.
@ -470,7 +475,6 @@
;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {} ;# {SMTP_SERVER_PASSWORD} {[Startup]emailmodule:DefaultEmailModule enabled:true} {SMTP server password} {}
; SMTP_SERVER_PASSWORD = "" ; SMTP_SERVER_PASSWORD = ""
[Network] [Network]
;# {ConsoleUser} {} {User name for console account} {} ;# {ConsoleUser} {} {User name for console account} {}
;; Configure the remote console user here. This will not actually be used ;; Configure the remote console user here. This will not actually be used
@ -487,10 +491,39 @@
;; the region ports use UDP. ;; the region ports use UDP.
; http_listener_port = 9000 ; http_listener_port = 9000
; optional main server secure http (ssl)
; to use ssl you need a ssl certificate in PKCS12 format that validates the ExternalHostnames
; or their domains
; some viewers by default only accept certificates signed by a oficial CA
; to use others like self signed certificates with those viewers,
; their debug option NoVerifySSLCert needs to be set true, You need to inform users about this
; the main unsecure port will still open for some services. this may change in future.
; set http_listener_ssl to enable main server ssl. it will replace unsecure port on most functions
;# {http_listener_ssl}{} {enable main server ssl port)} {} false
;http_listener_ssl = false
; Set port for main SSL connections
;# {http_listener_sslport}{} {main server ssl port)} {} 9001
;http_listener_sslport = 9001 ;
; currently if using ssl, regions ExternalHostName must the the same and equal to http_listener_cn
; this may be removed in future
;# {http_listener_cn}{} {main server ssl externalHostName)} {} ""
;http_listener_cn = "myRegionsExternalHostName"
; the path for the certificate path
;# {http_listener_cert_path}{} {main server ssl certificate file path)} {} ""
;http_listener_cert_path = "mycert.p12"
;# {http_listener_cert_pass}{} {main server ssl certificate password)} {} ""
;http_listener_cert_pass = "mycertpass" ; the cert passwork
; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN. ; By default, OpenSimulator does not allow scripts to make HTTP calls to addresses on the simulator's LAN.
; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter. ; See the OutboundDisallowForUserScripts parameter in OpenSimDefaults.ini for more information on this filter.
; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below. ; If you need to allow scripts to make some LAN calls use the OutboundDisallowForUserScriptsExcept parameter below.
; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing. ; We recommend that you do not override OutboundDisallowForUserScripts directly unless you are very sure about what you're doing.
; this HTTP calls can also use ssl see opensimDefaults.ini
; ;
; You can whitelist individual endpoints by IP or FQDN, e.g. ; You can whitelist individual endpoints by IP or FQDN, e.g.
; ;

View File

@ -510,8 +510,8 @@
http_listener_cert_path = "mycert.p12" ; path for the cert file that is valid for the ExternalHostName http_listener_cert_path = "mycert.p12" ; path for the cert file that is valid for the ExternalHostName
http_listener_cert_pass = "mycertpass" ; the cert passwork http_listener_cert_pass = "mycertpass" ; the cert passwork
; HTTPS for "Out of band" management applications such as the remote ; addicional HTTPS for "Out of band" management applications such as the remote
; admin module ; admin module or scripts
; ;
; Create https_listener = "True" will create a listener on the port ; Create https_listener = "True" will create a listener on the port
; specified. Provide the path to your server certificate along with it's ; specified. Provide the path to your server certificate along with it's
@ -519,7 +519,7 @@
; https_listener = False ; https_listener = False
; Set our listener to this port ; Set our listener to this port
; https_port = 0 ; https_port = 0
; Path to X509 certificate ; Path to X509 certificate, can be the same as main or another
; cert_path = "path/to/cert.p12" ; cert_path = "path/to/cert.p12"
; Password for cert ; Password for cert
; cert_pass = "password" ; cert_pass = "password"
@ -531,6 +531,7 @@
; HttpBodyMaxLenMAX=16384 ; HttpBodyMaxLenMAX=16384
; Hostname to use in llRequestURL/llRequestSecureURL ; Hostname to use in llRequestURL/llRequestSecureURL
; must be a valid hostname for the ssl cert.
; if not defined - default machine name is being used ; if not defined - default machine name is being used
; (on Windows this mean NETBIOS name - useably only inside local network) ; (on Windows this mean NETBIOS name - useably only inside local network)
; ExternalHostNameForLSL=127.0.0.1 ; ExternalHostNameForLSL=127.0.0.1