Configuring Apache Module on Machine 1
You must configure the Apache module to connect to the secure Rendezvous daemon. To configure the Apache module installed on the machine where Apache server is running (Machine 1), follow these steps:
Procedure
- Open the mod_ASG.conf file for editing.
-
Set the parameters as described in the following table:
Apache Module Properties Property Description AsgService Specifies the service parameter configured for rvsrd on Machine 1. For example, 1111. This parameter value must be configured different from the value specified for rvrd setup on Machine 2.
AsgNetwork Specifies the network parameter set during the configuration of secure Rendezvous daemon (rvsrd). This parameter is a random multicast IP address used to broadcast messages to the machines in that multicast group.
For example, ;239.1.1.11
AsgDaemon Specifies the daemon value set during the configuration of secure Rendezvous daemon (rvsrd). For example, ssl:ASGRVSecure:7500
You must specify the ssl prefix before the machine name, otherwise the connection fails.
AsgSubject Specifies the subject name used to send the message to the secure Rendezvous daemon (rvsrd). AsgSecureDaemon A Boolean property to enable or disable the secure Rendezvous daemon connection for the Apache module. The secure Rendezvous daemon can run on the same or different machines where the Apache server is running.
Possible values are On and Off.
Set this value to On to enable the Apache module to connect to the secure Rendezvous daemon (rvsrd).
AsgSecureDaemonCert AsgSecureDaemonUsername - Specifies the username used in
rvsrd configuration.
If AsgSecureDaemonUsername is set, the Apache module uses the username and password to connect to the rvsrd daemon.
If AsgSecureDaemonUsername is not set, AsgSecureDaemonKey parameter must be set. See AsgSecureDaemonKey.
- Optional.
AsgSecureDaemonPassword - Specifies the password used by the client in rvsrd configuration. The password is required when connecting to the rvsrd daemon either using the username or the client certificate. You can specify an obfuscated password for this parameter. The obfuscated password is generated using the asg-password-obfuscator utility located in the ASG_HOME/bin directory.
- Required.
AsgSecureDaemonKey - Specifies the path to the user certificate of secure Rendezvous daemon (rvsrd). This user certificate is configured for a user in the
rvsrd setup. The certificate should be in text (PEM) format.
The Apache module connects to the secure Rendezvous daemon (rvsrd) using the user certificate specified by this parameter.
- If this parameter is not set, the Apache module connects to the secure Rendezvous daemon (rvsrd) using the username and password specified by AsgSecureDaemonUsername and AsgSecureDaemonPassword parameters.
- Optional.
- Specifies the username used in
rvsrd configuration.
-
Save the changes to the file.
Note: You can use the asg-password-obfuscator executable to obfuscate the password. The obfuscated password can be used in the AsgSecureDaemonPassword parameter of the mod_ASG.conf file of Apache module. See asg-password-obfuscator Utility for usage details.