DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #4273 from aledbf/ssh-chain-dynamic

Browse source 
Check and complete intermediate SSL certificates
This commit is contained in:
Kubernetes Prow Robot 2019-07-04 16:32:36 -07:00 committed by GitHub
commit 930e37a0b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 132 additions and 214 deletions
Download patch file Download diff file Expand all files Collapse all files

16
rootfs/etc/nginx/template/nginx.tmpl
View file

@ -96,7 +96,7 @@ http {
end
{{ end }}
{{ if $all.DynamicCertificatesEnabled }}
{{ if $all.EnableDynamicCertificates }}
ok, res = pcall(require, "certificate")
if not ok then
error("require failed: " .. tostring(res))
@ -492,13 +492,8 @@ http {
# PEM sha: {{ $redirect.SSLCert.PemSHA }}
ssl_certificate {{ $redirect.SSLCert.PemFileName }};
ssl_certificate_key {{ $redirect.SSLCert.PemFileName }};
{{ if not (empty $redirect.SSLCert.FullChainPemFileName)}}
ssl_trusted_certificate {{ $redirect.SSLCert.FullChainPemFileName }};
ssl_stapling on;
ssl_stapling_verify on;
{{ end }}
{{ if $all.DynamicCertificatesEnabled}}
{{ if $all.EnableDynamicCertificates}}
ssl_certificate_by_lua_block {
certificate.call()
}
@ -841,13 +836,8 @@ stream {
# PEM sha: {{ $server.SSLCert.PemSHA }}
ssl_certificate {{ $server.SSLCert.PemFileName }};
ssl_certificate_key {{ $server.SSLCert.PemFileName }};
{{ if not (empty $server.SSLCert.FullChainPemFileName)}}
ssl_trusted_certificate {{ $server.SSLCert.FullChainPemFileName }};
ssl_stapling on;
ssl_stapling_verify on;
{{ end }}
{{ if $all.DynamicCertificatesEnabled}}
{{ if $all.EnableDynamicCertificates}}
ssl_certificate_by_lua_block {
certificate.call()
}