From eed30e0e8dcf20a4ba32fff20a20f9035f5599e9 Mon Sep 17 00:00:00 2001
From: Philipp Dallig <philipp.dallig@pixelpark.com>
Date: Sat, 5 Mar 2016 21:38:11 +0100
Subject: [PATCH] ssl Options for foreman

---
 customer/pixelpark/foreman01.pixelpark.com.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/customer/pixelpark/foreman01.pixelpark.com.yaml b/customer/pixelpark/foreman01.pixelpark.com.yaml
index c857ed5b..29735e42 100644
--- a/customer/pixelpark/foreman01.pixelpark.com.yaml
+++ b/customer/pixelpark/foreman01.pixelpark.com.yaml
@@ -24,5 +24,9 @@ site::profile::apache::pp_vhosts:
     ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem'
     ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.com-key.pem'
     ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.com-cert.pem'
+    ssl_ca: '/var/lib/puppet/ssl/certs/ca.pem'
+    ssl_verify_client: optional
+    ssl_options:
+      - '+StdEnvVars'
     passenger_app_root: '/usr/share/foreman'
     redirect_dest_non_ssl: https://foreman.pixelpark.com/
-- 
2.39.5