diff options
author | Stephane Lapie <stephane.lapie@asahinet.com> | 2014-01-20 16:03:33 +0900 |
---|---|---|
committer | Stephane Lapie <stephane.lapie@asahinet.com> | 2014-01-20 16:14:59 +0900 |
commit | 9a33bc918c1078402479101249b770ebc7e64d6b (patch) | |
tree | 27ea512d8ddff5450bb700c64ebbcccfe0006d40 /config/apache_mod_security-dev/apache_virtualhost.xml | |
parent | 9c277bf31b361546080ba3e66b977cf6465e7938 (diff) | |
download | pfsense-packages-9a33bc918c1078402479101249b770ebc7e64d6b.tar.gz pfsense-packages-9a33bc918c1078402479101249b770ebc7e64d6b.tar.bz2 pfsense-packages-9a33bc918c1078402479101249b770ebc7e64d6b.zip |
Separate CAs for client certs and server cert chain
- Modified the VirtualHost screen to make more clear the difference between "server certificate chain" and "client certification authority"
- Modified configuration generation accordingly with proper options (SSLCertificateChainFile for server cert chain, SSLCACertificateFile for client certificates) according to Apache documentation
Diffstat (limited to 'config/apache_mod_security-dev/apache_virtualhost.xml')
-rw-r--r-- | config/apache_mod_security-dev/apache_virtualhost.xml | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/config/apache_mod_security-dev/apache_virtualhost.xml b/config/apache_mod_security-dev/apache_virtualhost.xml index 747ef975..7851e683 100644 --- a/config/apache_mod_security-dev/apache_virtualhost.xml +++ b/config/apache_mod_security-dev/apache_virtualhost.xml @@ -267,9 +267,19 @@ <show_disable_value>none</show_disable_value> </field> <field> - <fielddescr>Intermediate CA certificate (optional)</fielddescr> + <fielddescr>HTTPS SSL certificate chain</fielddescr> + <fieldname>ssl_cert_chain</fieldname> + <description>Select intermediate CA assigned to server certificate. Not all certificates require this.</description> + <type>select_source</type> + <source><![CDATA[$config['ca']]]></source> + <source_name>descr</source_name> + <source_value>refid</source_value> + <show_disable_value>none</show_disable_value> + </field> + <field> + <fielddescr>Client certificates CA (optional)</fielddescr> <fieldname>reverse_int_ca</fieldname> - <description>Select intermediate CA assigned to certificate. Not all certificates require this.</description> + <description>Select CA assigned to client certificates.</description> <type>select_source</type> <source><![CDATA[$config['ca']]]></source> <source_name>descr</source_name> |