From 7073e04f27e64df68ee2ece54ee43d30ad4064f4 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Oliver=20B=C3=B6ttcher?= <oliver.boettcher@pixelpark.com>
Date: Fri, 24 Mar 2017 11:05:17 +0100
Subject: [PATCH] ODT - client cert

---
 customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
index 453e3aad..3166b5ac 100644
--- a/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
+++ b/customer/mbvd-odt/int-odt-daimler-com.pixelpark.net.yaml
@@ -18,6 +18,10 @@ site::profile::apache::pp_vhosts:
     ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
     ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
     ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
+    ssl_verify_client: require
+    ssl_crl_check: true
+    ssl_crl: '/etc/pki/tls/certs/odt-cacrl.pem'
+    ssl_ca: '/etc/pki/tls/certs/odt-root-ca.pem'
     rewrites_non_ssl:
       - https:
         comment: 'almost all to https'
-- 
2.39.5