ODT - INT fix SSL_CLIENT_I_DN_O

author Oliver Böttcher <oliver.boettcher@pixelpark.com>

Tue, 11 Jul 2017 12:35:30 +0000 (14:35 +0200)

committer Oliver Böttcher <oliver.boettcher@pixelpark.com>

Tue, 11 Jul 2017 12:35:48 +0000 (14:35 +0200)
author Oliver Böttcher <oliver.boettcher@pixelpark.com>
Tue, 11 Jul 2017 12:35:30 +0000 (14:35 +0200)
committer Oliver Böttcher <oliver.boettcher@pixelpark.com>
Tue, 11 Jul 2017 12:35:48 +0000 (14:35 +0200)
diff --git a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml

index 49605076c5e7ece74633a69bb274d63c2443a86e..e4d34e75f9501d32217756c38cf8061682f4cd66 100644 (file)
--- a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
+++ b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
@@ -27,7 +27,7 @@ infra::profile::apache::pp_vhosts:
      #ssl_verify_client: require
      ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem'
      ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem'
-    custom_fragment_ssl: 'SSLRequire %%{ich-trickse}{SSL_CLIENT_S_DN_O} eq "ODT"'
+    custom_fragment_ssl: 'SSLRequire %%{ich-trickse}{SSL_CLIENT_I_DN_O} eq "ODT"'
      rewrites_non_ssl:
        - https:
          comment: 'almost all to https'
@@ -51,7 +51,7 @@ infra::profile::apache::pp_vhosts:
          provider: location
          path: '/'
          custom_fragment: |
-          SSLRequire %%{ich-trickse}{SSL_CLIENT_S_DN_O} eq "ODT"
+          SSLRequire %%{ich-trickse}{SSL_CLIENT_I_DN_O} eq "ODT"
            SSLVerifyClient require
        - webservice:
          provider: location
author	Oliver Böttcher <oliver.boettcher@pixelpark.com>
	Tue, 11 Jul 2017 12:35:30 +0000 (14:35 +0200)
committer	Oliver Böttcher <oliver.boettcher@pixelpark.com>
	Tue, 11 Jul 2017 12:35:48 +0000 (14:35 +0200)