summaryrefslogtreecommitdiff
path: root/interface-definitions
diff options
context:
space:
mode:
authorsarthurdev <965089+sarthurdev@users.noreply.github.com>2024-03-28 14:06:33 +0100
committerMergify <37929162+mergify[bot]@users.noreply.github.com>2024-03-28 16:11:39 +0000
commit557694e1ab615a884b5f57314772d57d2668094d (patch)
treec832deb73d4e55eca0ae883bcafe8ba9cd003b87 /interface-definitions
parent9e5af058434d65b0bc34640a1d29721d0a23c053 (diff)
downloadvyos-1x-557694e1ab615a884b5f57314772d57d2668094d.tar.gz
vyos-1x-557694e1ab615a884b5f57314772d57d2668094d.zip
ipsec: T5606: T5871: Use multi node for CA certificates
This changes behaviour from fetching CA chain in PKI, to the user manually setting CA certificates. Prevents unwanted parent CAs existing in PKI from being auto-included as may not be desired/intended. (cherry picked from commit 952b1656f5164f6cfc601e040b48384859e7a222)
Diffstat (limited to 'interface-definitions')
-rw-r--r--interface-definitions/include/ipsec/authentication-x509.xml.i2
1 files changed, 1 insertions, 1 deletions
diff --git a/interface-definitions/include/ipsec/authentication-x509.xml.i b/interface-definitions/include/ipsec/authentication-x509.xml.i
index db675c0bf..1d04c94ba 100644
--- a/interface-definitions/include/ipsec/authentication-x509.xml.i
+++ b/interface-definitions/include/ipsec/authentication-x509.xml.i
@@ -5,7 +5,7 @@
</properties>
<children>
#include <include/pki/certificate-key.xml.i>
- #include <include/pki/ca-certificate.xml.i>
+ #include <include/pki/ca-certificate-multi.xml.i>
</children>
</node>
<!-- include end -->