diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-07-20 15:43:43 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-20 15:43:43 +0200 |
commit | 4ff379d18a750314fda2b2fec5a1e285bd92f15c (patch) | |
tree | 36d0090231779a272e03718e1ccc9d6c906f1220 /data | |
parent | 2975c5e835fd323ef5d47bebec27e4d08e04dd7a (diff) | |
parent | 70785300b0dbd11bcd805f7d2906e77fc826f4a7 (diff) | |
download | vyos-1x-4ff379d18a750314fda2b2fec5a1e285bd92f15c.tar.gz vyos-1x-4ff379d18a750314fda2b2fec5a1e285bd92f15c.zip |
Merge pull request #930 from sarthurdev/pki_migration
pki: openconnect: sstp: T3642: Migrate OpenConnect and SSTP to PKI configuration
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/accel-ppp/sstp.config.tmpl | 6 | ||||
-rw-r--r-- | data/templates/ocserv/ocserv_config.tmpl | 14 |
2 files changed, 10 insertions, 10 deletions
diff --git a/data/templates/accel-ppp/sstp.config.tmpl b/data/templates/accel-ppp/sstp.config.tmpl index 7ca7b1c1e..fad91d118 100644 --- a/data/templates/accel-ppp/sstp.config.tmpl +++ b/data/templates/accel-ppp/sstp.config.tmpl @@ -29,9 +29,9 @@ disable verbose=1 ifname=sstp%d accept=ssl -ssl-ca-file={{ ssl.ca_cert_file }} -ssl-pemfile={{ ssl.cert_file }} -ssl-keyfile={{ ssl.key_file }} +ssl-ca-file=/run/accel-pppd/sstp-ca.pem +ssl-pemfile=/run/accel-pppd/sstp-cert.pem +ssl-keyfile=/run/accel-pppd/sstp-cert.key {# Common IP pool definitions #} {% include 'accel-ppp/config_ip_pool.j2' %} diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl index 328af0c0d..0be805235 100644 --- a/data/templates/ocserv/ocserv_config.tmpl +++ b/data/templates/ocserv/ocserv_config.tmpl @@ -12,16 +12,16 @@ auth = "radius [config=/run/ocserv/radiusclient.conf]" auth = "plain[/run/ocserv/ocpasswd]" {% endif %} -{% if ssl.cert_file %} -server-cert = {{ ssl.cert_file }} +{% if ssl.certificate is defined %} +server-cert = /run/ocserv/cert.pem +server-key = /run/ocserv/cert.key +{% if ssl.passphrase is defined %} +key-pin = {{ ssl.passphrase }} {% endif %} - -{% if ssl.key_file %} -server-key = {{ ssl.key_file }} {% endif %} -{% if ssl.ca_cert_file %} -ca-cert = {{ ssl.ca_cert_file }} +{% if ssl.ca_certificate is defined %} +ca-cert = /run/ocserv/ca.pem {% endif %} socket-file = /run/ocserv/ocserv.socket |