Merge pull request #930 from sarthurdev/pki_migration

pki: openconnect: sstp: T3642: Migrate OpenConnect and SSTP to PKI configuration

2 files changed, 10 insertions, 10 deletions

diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.tmpl
index 7ca7b1c1e..fad91d118 100644
--- a/data/templates/accel-ppp/sstp.config.tmpl
+++ b/data/templates/accel-ppp/sstp.config.tmpl
@@ -29,9 +29,9 @@ disable
 verbose=1
 ifname=sstp%d
 accept=ssl
-ssl-ca-file={{ ssl.ca_cert_file }}
-ssl-pemfile={{ ssl.cert_file }}
-ssl-keyfile={{ ssl.key_file }}
+ssl-ca-file=/run/accel-pppd/sstp-ca.pem
+ssl-pemfile=/run/accel-pppd/sstp-cert.pem
+ssl-keyfile=/run/accel-pppd/sstp-cert.key
 
 {# Common IP pool definitions #}
 {% include 'accel-ppp/config_ip_pool.j2' %}
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl
index 328af0c0d..0be805235 100644
--- a/data/templates/ocserv/ocserv_config.tmpl
+++ b/data/templates/ocserv/ocserv_config.tmpl
@@ -12,16 +12,16 @@ auth = "radius [config=/run/ocserv/radiusclient.conf]"
 auth = "plain[/run/ocserv/ocpasswd]"
 {% endif %}
 
-{% if ssl.cert_file %}
-server-cert = {{  ssl.cert_file }}
+{% if ssl.certificate is defined %}
+server-cert = /run/ocserv/cert.pem
+server-key = /run/ocserv/cert.key
+{% if ssl.passphrase is defined %}
+key-pin = {{ ssl.passphrase }}
 {% endif %}
-
-{% if ssl.key_file %}
-server-key = {{  ssl.key_file }}
 {% endif %}
 
-{% if ssl.ca_cert_file %}
-ca-cert = {{  ssl.ca_cert_file }}
+{% if ssl.ca_certificate is defined %}
+ca-cert = /run/ocserv/ca.pem
 {% endif %}
 
 socket-file = /run/ocserv/ocserv.socket