Separate CAs for client certs and server cert chain

- Modified the VirtualHost screen to make more clear the difference between "server certificate chain" and "client certification authority"
- Modified configuration generation accordingly with proper options (SSLCertificateChainFile for server cert chain, SSLCACertificateFile for client certificates) according to Apache documentation

1 files changed, 12 insertions, 2 deletions

diff --git a/config/apache_mod_security-dev/apache_virtualhost.xml b/config/apache_mod_security-dev/apache_virtualhost.xml
index 747ef975..7851e683 100644
--- a/config/apache_mod_security-dev/apache_virtualhost.xml
+++ b/config/apache_mod_security-dev/apache_virtualhost.xml
@@ -267,9 +267,19 @@
 			<show_disable_value>none</show_disable_value>
 		</field>
 		<field>
-			<fielddescr>Intermediate CA certificate (optional)</fielddescr>
+			<fielddescr>HTTPS SSL certificate chain</fielddescr>
+			<fieldname>ssl_cert_chain</fieldname>
+			<description>Select intermediate CA assigned to server certificate. Not all certificates require this.</description>
+			<type>select_source</type>
+			<source><![CDATA[$config['ca']]]></source>
+			<source_name>descr</source_name>
+			<source_value>refid</source_value>
+			<show_disable_value>none</show_disable_value>
+		</field>
+		<field>
+			<fielddescr>Client certificates CA (optional)</fielddescr>
 			<fieldname>reverse_int_ca</fieldname>
-			<description>Select intermediate CA assigned to certificate. Not all certificates require this.</description>
+			<description>Select CA assigned to client certificates.</description>
 			<type>select_source</type>
 			<source><![CDATA[$config['ca']]]></source>
 			<source_name>descr</source_name>