ODT - int fix client ssl client

author Oliver Böttcher <oliver.boettcher@pixelpark.com>

Tue, 11 Jul 2017 11:41:47 +0000 (13:41 +0200)

committer Oliver Böttcher <oliver.boettcher@pixelpark.com>

Tue, 11 Jul 2017 11:41:47 +0000 (13:41 +0200)
author Oliver Böttcher <oliver.boettcher@pixelpark.com>
Tue, 11 Jul 2017 11:41:47 +0000 (13:41 +0200)
committer Oliver Böttcher <oliver.boettcher@pixelpark.com>
Tue, 11 Jul 2017 11:41:47 +0000 (13:41 +0200)
diff --git a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml

index b1dca80f3c74f064d284f4cb685007cf59a17855..f192366082843c7bd872751ca48c7d809c9ef35e 100644 (file)
--- a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
+++ b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
@@ -24,7 +24,7 @@ infra::profile::apache::pp_vhosts:
      ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
      ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
      ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
-    ssl_verify_client: require
+    #ssl_verify_client: require
      ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem'
      ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem'
      custom_fragment_ssl: 'SSLRequire %%{ich-trickse}{SSL_CLIENT_S_DN_O} eq "ODT"'
@@ -67,6 +67,10 @@ infra::profile::apache::pp_vhosts:
              - ip 192.168.170.53
              - ip 192.168.170.52
              - ip 54.205.87.231
+      - slash:
+        provider: location
+        path: '/'
+        custom_fragment: "SSLVerifyClient require"
  
  infra::profile::cron::cronjobs:
    fetchcrl:
author	Oliver Böttcher <oliver.boettcher@pixelpark.com>
	Tue, 11 Jul 2017 11:41:47 +0000 (13:41 +0200)
committer	Oliver Böttcher <oliver.boettcher@pixelpark.com>
	Tue, 11 Jul 2017 11:41:47 +0000 (13:41 +0200)