From 2bb8817348a6df639ec9959298422b7e7b923823 Mon Sep 17 00:00:00 2001
From: sarthurdev <965089+sarthurdev@users.noreply.github.com>
Date: Tue, 20 Jul 2021 11:25:46 +0200
Subject: pki: openconnect: T3642: Migrate OpenConnect SSL to PKI configuration

---
 data/templates/ocserv/ocserv_config.tmpl | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'data/templates')

diff --git a/data/templates/ocserv/ocserv_config.tmpl b/data/templates/ocserv/ocserv_config.tmpl
index 328af0c0d..0be805235 100644
--- a/data/templates/ocserv/ocserv_config.tmpl
+++ b/data/templates/ocserv/ocserv_config.tmpl
@@ -12,16 +12,16 @@ auth = "radius [config=/run/ocserv/radiusclient.conf]"
 auth = "plain[/run/ocserv/ocpasswd]"
 {% endif %}
 
-{% if ssl.cert_file %}
-server-cert = {{  ssl.cert_file }}
+{% if ssl.certificate is defined %}
+server-cert = /run/ocserv/cert.pem
+server-key = /run/ocserv/cert.key
+{% if ssl.passphrase is defined %}
+key-pin = {{ ssl.passphrase }}
 {% endif %}
-
-{% if ssl.key_file %}
-server-key = {{  ssl.key_file }}
 {% endif %}
 
-{% if ssl.ca_cert_file %}
-ca-cert = {{  ssl.ca_cert_file }}
+{% if ssl.ca_certificate is defined %}
+ca-cert = /run/ocserv/ca.pem
 {% endif %}
 
 socket-file = /run/ocserv/ocserv.socket
-- 
cgit v1.2.3