From 0405762b60ab313514e43d49e6e69b227a92ee2a Mon Sep 17 00:00:00 2001
From: Julien Cavoizy <julien.cavoizy@canalplustelecom.com>
Date: Wed, 16 Oct 2019 15:08:34 +0000
Subject: [PATCH 1/2] - add client certificate and client_verify

---
 templates/virtualhost.conf.j2 | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/templates/virtualhost.conf.j2 b/templates/virtualhost.conf.j2
index e215779..f692200 100644
--- a/templates/virtualhost.conf.j2
+++ b/templates/virtualhost.conf.j2
@@ -57,6 +57,12 @@ server {
 {% if item.tls is defined %}
     ssl_certificate     {{ item.tls.cert }};
     ssl_certificate_key {{ item.tls.key }};
+{% if item.client is defined %}
+    ssl_client_certificate {{ item.tls.client }};
+{% endif %}
+{% if item.client_verify is defined %}
+    ssl_verify_client {{ item.tls.client_verify }}; 
+{% endif %}
 {% endif %}
 {% if item.letsencrypt is defined %}{% if item.letsencrypt %}
     ## letsencrypt validation requirement

From d518814e1e4b64a72ea0b73eea433d89dfea7bbe Mon Sep 17 00:00:00 2001
From: Julien Cavoizy <julien@ecute.org>
Date: Wed, 16 Oct 2019 15:47:35 +0000
Subject: [PATCH 2/2] - Fix virtualhost templates for ssl client certificate

---
 templates/virtualhost.conf.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/virtualhost.conf.j2 b/templates/virtualhost.conf.j2
index f692200..7d2bf03 100644
--- a/templates/virtualhost.conf.j2
+++ b/templates/virtualhost.conf.j2
@@ -57,10 +57,10 @@ server {
 {% if item.tls is defined %}
     ssl_certificate     {{ item.tls.cert }};
     ssl_certificate_key {{ item.tls.key }};
-{% if item.client is defined %}
+{% if item.tls.client is defined %}
     ssl_client_certificate {{ item.tls.client }};
 {% endif %}
-{% if item.client_verify is defined %}
+{% if item.tls.client_verify is defined %}
     ssl_verify_client {{ item.tls.client_verify }}; 
 {% endif %}
 {% endif %}