From: Oliver Böttcher <oliver.boettcher@pixelpark.com>
Date: Mon, 10 Jul 2017 10:32:56 +0000 (+0200)
Subject: ODT - fix client certs
X-Git-Tag: v0.1.0~2687^2
X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=27c87b1daa13aff8e59a510e2dfd17f9e5fb624a;p=pixelpark%2Fhiera.git

ODT - fix client certs
---

diff --git a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
index dcc69aed..421513ec 100644
--- a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
+++ b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
@@ -25,12 +25,12 @@ infra::profile::apache::pp_vhosts:
     ssl_verify_client: require
     ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem'
     ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem'
-    custom_fragment: 'SSLRequire %%{ich-trickse}{SSL_CLIENT_S_DN_O} eq "ODT"'
+    custom_fragment_ssl: 'SSLRequire %%{ich-trickse}{SSL_CLIENT_S_DN_O} eq "ODT"'
     rewrites_non_ssl:
       - https:
         comment: 'almost all to https'
         rewritecond:
-          - '%{ich-trickse}{REQUEST_URI} !^/.\.html'
+          - '%%{ich-trickse}{REQUEST_URI} !^/.\.html'
         rewrite_rule:
           - '^(.*)$ https://int-odt-daimler-com.pixelpark.net$1 [L,R=301]'
     proxy_preserve_host: true