/rc/bin/cpurc
2002/08/30
Certificate must be provided for https service.
Let's assume we have recompiled our kernel to reflect new factotum, and we have cert.pem and key.pem.
See path for factotum if you don't have recompiled kernel yet,
and see certificateif you don't have certificate yet.
/sys/lib/tls
. The access mode is:--r--r--r-- M 8 bootes sys 1249 Jul 29 18:42 cert.pem --r-------- M 8 bootes sys 887 Jul 29 18:42 key.pemNote that
/sys/lib/tls
is in the service space of CGI. Therefore we should have placed key.pem to more safe place.
-----BEGIN RSA PRIVATE KEY----- MIICXAIBAAKBgQC3e6fc5JGqId3EB6bG5bW0n/nxm+Hl/cqZ10auwGkoUIPSGt70 36biOH74tkKnqVmfK+IsahG+s1qRcSJzA6qW+l7yYghOu5EFRPA5tf1gj2yAUmsP ..... ..... p1bb+XDjBL3CcrWbzo7tAje7Zcl+r9q+RSOUKhJ4MP0= -----END RSA PRIVATE KEY-----This format is not accepted by factotum. We must convert
pey.pem
to store factotum.cpu% auth/secretpem /sys/lib/tls/key.pem > /mnt/factotum/ctl
web
and run/usr/local/bin/386/httpd -us -p443 -c/sys/lib/tls/cert.pemto invoke httpd of pegasus for https service.
mon -du web -p passwordfile /usr/local/bin/386/httpd -suM -p443 -c/sys/lib/tls/cert.pemwhere passwordfile is a path to password file that enables user
bootes
to become user web
.
/rc/bin/cpurc
auth/secretpem /usr/bootes/private/key.pem > /mnt/factotum/ctl a=/usr/local/bin/$cputype c=/sys/lib/tls/cert.pem p=/usr/web/lib/passwd $a/mon -du web -p $p $a/httpd -suM $a/mon -du web -p $p $a/httpd -suM -p443 -c $cPut these lines to your
/rc/bin/cpurc
and modify if necessary.
https://plan9.aichi-u.ac.jp