From 1948c19363e084fd79986c730add4cabb4d86c60 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Oliver=20B=C3=B6ttcher?= <oliver.boettcher@pixelpark.com>
Date: Tue, 11 Jul 2017 14:51:38 +0200
Subject: [PATCH] ODT - INT ssl emm_webservice

---
 customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
index 3a3ac488..efd40136 100644
--- a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
+++ b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
@@ -24,7 +24,7 @@ infra::profile::apache::pp_vhosts:
     ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
     ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
     ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
-    #ssl_verify_client: require
+    ssl_verify_client: require
     ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem'
     ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem'
     custom_fragment_ssl: 'SSLRequire %%{ich-trickse}{SSL_CLIENT_I_DN_O} eq "ODT"'
@@ -51,6 +51,7 @@ infra::profile::apache::pp_vhosts:
         provider: location
         path: '/'
         custom_fragment: |
+          # enabled until merge of 71e4c530d286b8f11863d16ee94bc2f28f800cce
           SSLRequire %%{ich-trickse}{SSL_CLIENT_I_DN_O} eq "ODT"
           SSLVerifyClient require
       - webservice:
@@ -60,9 +61,6 @@ infra::profile::apache::pp_vhosts:
           - 'ip 93.188.107.192/26'
           - 'ip 217.66.50.0/24'
           - 'ip 217.66.51.0/24'
-        custom_fragment: |
-          SSLVerifyClient none
-          SSLRequire none
       - newsletterservice:
         provider: location
         path: '/newsletterservice'
-- 
2.39.5