tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Changed puppet apache frontend to honor puppet ca revocation list.

Browse source
This commit is contained in:
Timo Mkinen 2011-08-02 15:00:49 +03:00
parent 05b5eb9548
commit 399d70480f
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
puppet/templates/puppet-httpd.conf.erb
View file

@ -68,6 +68,13 @@ SSLCertificateChainFile <%= puppet_ssldir %>/certs/ca.pem
# huge file containing all of them (file must be PEM encoded) # huge file containing all of them (file must be PEM encoded)
SSLCACertificateFile <%= puppet_ssldir %>/certs/ca.pem SSLCACertificateFile <%= puppet_ssldir %>/certs/ca.pem
# Certificate Revocation List:
# Point SSLCARevocation file at a file containing the
# Certificate Revocation Lists (CRL) of Certification
# Authorities (CA) whose clients you deal with. These are used
# for client authentication.
SSLCARevocationFile <%= puppet_ssldir %>/ca/ca_crl.pem
# Client Authentication (Type): # Client Authentication (Type):
# Client certificate verification type and depth. Types are # Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a # none, optional, require and optional_no_ca. Depth is a