From 2427d4eb9a8ec26b9649fd80247595769674bd4a Mon Sep 17 00:00:00 2001 From: Lukasz Nowak <luke@nexedi.com> Date: Wed, 21 Nov 2018 13:03:51 +0100 Subject: [PATCH] caddy-frontend: ssl_ca_crt requires ssl_crt and ssl_key --- software/caddy-frontend/buildout.hash.cfg | 2 +- software/caddy-frontend/instance-apache-replicate.cfg.in | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/software/caddy-frontend/buildout.hash.cfg b/software/caddy-frontend/buildout.hash.cfg index 669713e17..e25f463de 100644 --- a/software/caddy-frontend/buildout.hash.cfg +++ b/software/caddy-frontend/buildout.hash.cfg @@ -26,7 +26,7 @@ md5sum = ab1795f92e32655d05c662c965d2b1f5 [template-apache-replicate] filename = instance-apache-replicate.cfg.in -md5sum = 44d50bf8391b5a73b2ab72923efe6437 +md5sum = 6a86edb96b171fbd0a59d0adc9cc906b [template-slave-list] filename = templates/apache-custom-slave-list.cfg.in diff --git a/software/caddy-frontend/instance-apache-replicate.cfg.in b/software/caddy-frontend/instance-apache-replicate.cfg.in index 3f05435cf..040449fad 100644 --- a/software/caddy-frontend/instance-apache-replicate.cfg.in +++ b/software/caddy-frontend/instance-apache-replicate.cfg.in @@ -122,6 +122,9 @@ context = {% do slave_error_list.append('slave https-url %r invalid' % (slave['https-url'],)) %} {% endif %} {% endif %} +{% if slave.get('ssl_ca_crt') and not (slave.get('ssl_crt') and slave.get('ssl_key')) %} +{% do slave_error_list.append('ssl_ca_crt is present, so ssl_crt and ssl_key are required') %} +{% endif %} {% if slave.get('ssl_key') and slave.get('ssl_crt') %} {% set key_popen = popen([openssl, 'rsa', '-noout', '-modulus']) %} {% set crt_popen = popen([openssl, 'x509', '-noout', '-modulus']) %} -- 2.30.9