From c90eecba492b28620bbb2a6e11748b3d615fe579 Mon Sep 17 00:00:00 2001
From: Tilman Klaeger <tilman@3c7.de>
Date: Sat, 28 Sep 2013 18:13:58 +0200
Subject: [PATCH] Minor additions to ssl per vhost settings: add ssl CA cert
 and chainfail to ssl vhost

tilman19, tilman@3c7.de
---
 scripts/jobs/cron_tasks.inc.http.10.apache.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php
index f06e9a93..2c0b1ffc 100644
--- a/scripts/jobs/cron_tasks.inc.http.10.apache.php
+++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php
@@ -691,11 +691,21 @@ class apache
 					// this makes it more secure, thx to Marcel (08/2013)
 					$vhost_content .= '  SSLHonorCipherOrder On' . "\n";
 					$vhost_content .= '  SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH' . "\n";
+					$vhost_content .= '  SSLVerifyDepth 10' . "\n";
 					$vhost_content .= '  SSLCertificateFile ' . makeCorrectFile($domain['ssl_cert_file']) . "\n";
 
 					if ($domain['ssl_key_file'] != '') {
 						$vhost_content .= '  SSLCertificateKeyFile ' . makeCorrectFile($domain['ssl_key_file']) . "\n";
 					}
+
+					if ($domain['ssl_ca_file'] != '') {
+						$vhost_content .= '  SSLCACertificateFile ' . makeCorrectFile($domain['ssl_ca_file']) . "\n";
+					}
+
+					if ($domain['ssl_cert_chainfile'] != '') {
+						$vhost_content .= '  SSLCertificateChainFile ' . makeCorrectFile($domain['ssl_cert_chainfile']) . "\n";
+					}
+
 				}
 			}