pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configuration

author: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2021-07-20 11:25:46 +0200
committer: sarthurdev <965089+sarthurdev@users.noreply.github.com> 2021-07-20 14:48:27 +0200
commit: 2bb8817348a6df639ec9959298422b7e7b923823 (patch)
tree: a43690d716b0c6daf23470b5085e015c12cb9e71 /data/templates
parent: 2975c5e835fd323ef5d47bebec27e4d08e04dd7a (diff)
download: vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.tar.gz
vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.zip
1 files changed, 7 insertions, 7 deletions
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl
index 328af0c0d..0be805235 100644
--- a/data/templates/ocserv/ocserv_config.tmpl
+++ b/data/templates/ocserv/ocserv_config.tmpl
@@ -12,16 +12,16 @@ auth = "radius [config=/run/ocserv/radiusclient.conf]"
 auth = "plain[/run/ocserv/ocpasswd]"
 {% endif %}
 
-{% if ssl.cert_file %}
-server-cert = {{  ssl.cert_file }}
+{% if ssl.certificate is defined %}
+server-cert = /run/ocserv/cert.pem
+server-key = /run/ocserv/cert.key
+{% if ssl.passphrase is defined %}
+key-pin = {{ ssl.passphrase }}
 {% endif %}
-
-{% if ssl.key_file %}
-server-key = {{  ssl.key_file }}
 {% endif %}
 
-{% if ssl.ca_cert_file %}
-ca-cert = {{  ssl.ca_cert_file }}
+{% if ssl.ca_certificate is defined %}
+ca-cert = /run/ocserv/ca.pem
 {% endif %}
 
 socket-file = /run/ocserv/ocserv.socket
author	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2021-07-20 11:25:46 +0200
committer	sarthurdev <965089+sarthurdev@users.noreply.github.com>	2021-07-20 14:48:27 +0200
commit	2bb8817348a6df639ec9959298422b7e7b923823 (patch)
tree	a43690d716b0c6daf23470b5085e015c12cb9e71 /data/templates
parent	2975c5e835fd323ef5d47bebec27e4d08e04dd7a (diff)
download	vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.tar.gz vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.zip