caddy-frontend: Fix incorrect ssl_ca_crt configuration

In "caddy-frontend: Improve generated files" ssl_ca_crt was mistakenly used for client authentication, which is in reality not supported nor needed. It came from misunderstanding of apache configuration.

caddy-frontend: Fix incorrect ssl_ca_crt configuration
In "caddy-frontend: Improve generated files" ssl_ca_crt was mistakenly used for client authentication, which is in reality not supported nor needed. It came from misunderstanding of apache configuration.
d2391b0e · Łukasz Nowak · 0925449a · d2391b0e · d2391b0e
Commit d2391b0e authored Nov 21, 2018 by Łukasz Nowak
Showing with 1 addition and 5 deletions

software/caddy-frontend/buildout.hash.cfg software/caddy-frontend/buildout.hash.cfg +1 -1

software/caddy-frontend/templates/default-virtualhost.conf.in ...ware/caddy-frontend/templates/default-virtualhost.conf.in +0 -4

No files found.
--- a/software/caddy-frontend/buildout.hash.cfg
+++ b/software/caddy-frontend/buildout.hash.cfg
@@ -62,7 +62,7 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b

 [template-default-slave-virtualhost]
 filename = templates/default-virtualhost.conf.in
-md5sum = 669a93b7e21b99066a84494fec47906b
+md5sum = 73bc8abae6aadc3ce55662c3d821b363

 [template-cached-slave-virtualhost]
 filename = templates/cached-virtualhost.conf.in

--- a/software/caddy-frontend/templates/default-virtualhost.conf.in
+++ b/software/caddy-frontend/templates/default-virtualhost.conf.in
@@ -34,10 +34,6 @@
    status 501 /
 {%- endif %} {#- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter #}
  tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }} {
-{%- if slave_parameter.get('path_to_ssl_ca_crt') %}
-    # Configuration of accepted clients
-    clients {{ slave_parameter.get('path_to_ssl_ca_crt') }}
-{%- endif %} {#- if slave_parameter.get('path_to_ssl_ca_crt') #}
 {%- if enable_h2 %}
    # Allow HTTP2
    alpn h2 http/1.1