ODT - client cert

author Oliver Böttcher <oliver.boettcher@pixelpark.com>

Fri, 24 Mar 2017 10:05:17 +0000 (11:05 +0100)

committer Oliver Böttcher <oliver.boettcher@pixelpark.com>

Fri, 24 Mar 2017 10:05:17 +0000 (11:05 +0100)
author Oliver Böttcher <oliver.boettcher@pixelpark.com>
Fri, 24 Mar 2017 10:05:17 +0000 (11:05 +0100)
committer Oliver Böttcher <oliver.boettcher@pixelpark.com>
Fri, 24 Mar 2017 10:05:17 +0000 (11:05 +0100)
diff --git a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml

index 453e3aad4a0baa858deded63aff096e6e29325a6..3166b5ac311123b9751546764fcd93bfb8aac982 100644 (file)
--- a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
+++ b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
@@ -18,6 +18,10 @@ site::profile::apache::pp_vhosts:
      ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
      ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
      ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    ssl_verify_client: require
+    ssl_crl_check: true
+    ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem'
+    ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem'
      rewrites_non_ssl:
        - https:
          comment: 'almost all to https'
author	Oliver Böttcher <oliver.boettcher@pixelpark.com>
	Fri, 24 Mar 2017 10:05:17 +0000 (11:05 +0100)
committer	Oliver Böttcher <oliver.boettcher@pixelpark.com>
	Fri, 24 Mar 2017 10:05:17 +0000 (11:05 +0100)