Commit c31703b8 authored by Till Brehm's avatar Till Brehm

Implements #5007 Remove SSL bundle files if present on an apache 2.4 server

parent b7ee5f0e
......@@ -75,15 +75,15 @@
# </IfModule>
SSLCertificateFile <tmpl_var name='ssl_crt_file'>
SSLCertificateKeyFile <tmpl_var name='ssl_key_file'>
<tmpl_if name='has_bundle_cert'>
<tmpl_if name='apache_version' op='<' value='2.4.8' format='version'>
SSLCertificateChainFile <tmpl_var name='ssl_bundle_file'>
</tmpl_if>
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
</tmpl_if>
<tmpl_if name='has_bundle_cert'>
<tmpl_if name='apache_version' op='<' value='2.4.8' format='version'>
SSLCertificateChainFile <tmpl_var name='ssl_bundle_file'>
</tmpl_if>
</tmpl_if>
</tmpl_if>
</IfModule>
......
......@@ -1223,8 +1223,9 @@ class apache2_plugin {
$app->dbmaster->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ? AND `server_id` = ?", $data['new']['ssl'], 'n', $data['new']['domain'], $conf['server_id']);
}
}
if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
// Use separate bundle file only for apache versions < 2.4.8
if(@is_file($bundle_file) && version_compare($app->system->getapacheversion(true), '2.4.8', '<')) $vhost_data['has_bundle_cert'] = 1;
// HTTP/2.0 ?
$vhost_data['enable_http2'] = 'n';
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment