X-Git-Url: https://git.hcoop.net/hcoop/domtool2.git/blobdiff_plain/f3bb0ab3a60b605b4e77042d89b3713930f4ddbb..ef5ad69ab6c5c1d749591a6955dad38d783ac0a4:/src/plugins/apache.sml

diff --git a/src/plugins/apache.sml b/src/plugins/apache.sml
index b5edd64..d53d687 100644
--- a/src/plugins/apache.sml
+++ b/src/plugins/apache.sml
@@ -118,10 +118,18 @@ fun validCert s = Acl.query {user = Domain.getUser (),
 			     class = "cert",
 			     value = s}
 
+fun validCaCert s = Acl.query {user = Domain.getUser (),
+			       class = "cacert",
+			       value = s}
+
 val _ = Env.type_one "ssl_cert_path"
 	Env.string
 	validCert
 
+val _ = Env.type_one "ssl_cacert_path"
+	Env.string
+	validCaCert
+
 fun ssl e = case e of
 		(EVar "no_ssl", _) => SOME NONE
 	      | (EApp ((EVar "use_cert", _), s), _) => Option.map SOME (Env.string s)
@@ -1127,6 +1135,16 @@ val () = Env.action_two "addOutputFilter"
 	      write "\n")
 	   | _ => ())
 
+val () = Env.action_one "sslCertificateChainFile"
+	 ("ssl_cacert_path", Env.string)
+	 (fn cacert =>
+	     if !sslEnabled then
+		 (write "\tSSLCertificateChainFile \"";
+		  write cacert;
+		  write "\"\n")
+	     else
+		 print "WARNING: Skipped sslCertificateChainFile because this isn't an SSL vhost.\n")
+
 val () = Domain.registerResetLocal (fn () =>
 				       ignore (OS.Process.system (Config.rm ^ " -rf /var/domtool/vhosts/*")))