summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2021-07-20 11:25:46 +0200
committersarthurdev <965089+sarthurdev@users.noreply.github.com>2021-07-20 14:48:27 +0200
commit2bb8817348a6df639ec9959298422b7e7b923823 (patch)
treea43690d716b0c6daf23470b5085e015c12cb9e71 /data
parent2975c5e835fd323ef5d47bebec27e4d08e04dd7a (diff)
downloadvyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.tar.gz
vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.zip
pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configuration
Diffstat (limited to 'data')
-rw-r--r--data/templates/ocserv/ocserv_config.tmpl14
1 files changed, 7 insertions, 7 deletions
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl
index 328af0c0d..0be805235 100644
--- a/data/templates/ocserv/ocserv_config.tmpl
+++ b/data/templates/ocserv/ocserv_config.tmpl
@@ -12,16 +12,16 @@ auth = "radius [config=/run/ocserv/radiusclient.conf]"
auth = "plain[/run/ocserv/ocpasswd]"
{% endif %}
-{% if ssl.cert_file %}
-server-cert = {{ ssl.cert_file }}
+{% if ssl.certificate is defined %}
+server-cert = /run/ocserv/cert.pem
+server-key = /run/ocserv/cert.key
+{% if ssl.passphrase is defined %}
+key-pin = {{ ssl.passphrase }}
{% endif %}
-
-{% if ssl.key_file %}
-server-key = {{ ssl.key_file }}
{% endif %}
-{% if ssl.ca_cert_file %}
-ca-cert = {{ ssl.ca_cert_file }}
+{% if ssl.ca_certificate is defined %}
+ca-cert = /run/ocserv/ca.pem
{% endif %}
socket-file = /run/ocserv/ocserv.socket