fix #3745: allow overriding TLS key location

when using a custom pveproxy certificate. actual handling is done in
pve-manager.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Tested-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Reviewed-by: Stoiko Ivanov <s.ivanov@proxmox.com>

diff --git a/src/PVE/APIServer/Utils.pm b/src/PVE/APIServer/Utils.pm
index 0124f4459bb6a02932a6ca7538ca0fcb3ad21a68..2ec2dad01cfa568c6741032e25923b88ddcd9654 100644 (file)
--- a/src/PVE/APIServer/Utils.pm
+++ b/src/PVE/APIServer/Utils.pm
@@ -21,6 +21,7 @@ sub read_proxy_config {
     $shcmd .= 'echo \"CIPHERS:\$CIPHERS\";';
     $shcmd .= 'echo \"CIPHERSUITES:\$CIPHERSUITES\";';
     $shcmd .= 'echo \"DHPARAMS:\$DHPARAMS\";';
+    $shcmd .= 'echo \"TLS_KEY_FILE:\$TLS_KEY_FILE\";';
     $shcmd .= 'echo \"HONOR_CIPHER_ORDER:\$HONOR_CIPHER_ORDER\";';
     $shcmd .= 'echo \"COMPRESSION:\$COMPRESSION\";';
 
@@ -53,6 +54,8 @@ sub read_proxy_config {
            $res->{$key} = $value;
        } elsif ($key eq 'DHPARAMS') {
            $res->{$key} = $value;
+       } elsif ($key eq 'TLS_KEY_FILE') {
+           $res->{$key} = $value;
        } elsif ($key eq 'HONOR_CIPHER_ORDER' || $key eq 'COMPRESSION') {
            die "unknown value '$value' - use 0 or 1\n" if $value !~ m/^(0|1)$/;
            $res->{$key} = $value;