diff options
author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2021-07-20 11:25:46 +0200 |
---|---|---|
committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2021-07-20 14:48:27 +0200 |
commit | 2bb8817348a6df639ec9959298422b7e7b923823 (patch) | |
tree | a43690d716b0c6daf23470b5085e015c12cb9e71 /data | |
parent | 2975c5e835fd323ef5d47bebec27e4d08e04dd7a (diff) | |
download | vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.tar.gz vyos-1x-2bb8817348a6df639ec9959298422b7e7b923823.zip |
pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configuration
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/ocserv/ocserv_config.tmpl | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl index 328af0c0d..0be805235 100644 --- a/data/templates/ocserv/ocserv_config.tmpl +++ b/data/templates/ocserv/ocserv_config.tmpl @@ -12,16 +12,16 @@ auth = "radius [config=/run/ocserv/radiusclient.conf]" auth = "plain[/run/ocserv/ocpasswd]" {% endif %} -{% if ssl.cert_file %} -server-cert = {{ ssl.cert_file }} +{% if ssl.certificate is defined %} +server-cert = /run/ocserv/cert.pem +server-key = /run/ocserv/cert.key +{% if ssl.passphrase is defined %} +key-pin = {{ ssl.passphrase }} {% endif %} - -{% if ssl.key_file %} -server-key = {{ ssl.key_file }} {% endif %} -{% if ssl.ca_cert_file %} -ca-cert = {{ ssl.ca_cert_file }} +{% if ssl.ca_certificate is defined %} +ca-cert = /run/ocserv/ca.pem {% endif %} socket-file = /run/ocserv/ocserv.socket |