From c9d9d954dea0f22f7ee71ed226cf29591df0f540 Mon Sep 17 00:00:00 2001
From: Jonathan Ballet <jballet@gfproducts.ch>
Date: Tue, 9 Jun 2015 11:48:35 +0200
Subject: [PATCH 1/2] proxy: support SSL certificate in the proxy template

---
 apache/vhosts/proxy.tmpl | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/apache/vhosts/proxy.tmpl b/apache/vhosts/proxy.tmpl
index 9a09ef5..ae6bc8d 100644
--- a/apache/vhosts/proxy.tmpl
+++ b/apache/vhosts/proxy.tmpl
@@ -34,6 +34,17 @@
     {% if site.get('ErrorLog') != False %}ErrorLog {{ vals.ErrorLog }}{% endif %}
     {% if site.get('CustomLog') != False %}CustomLog {{ vals.CustomLog }} {{ vals.LogFormat }}{% endif %}
 
+    {% if site.get('SSLCertificateFile') %}
+    SSLEngine on
+    SSLCertificateFile {{ site.SSLCertificateFile }}
+    {%   if site.get('SSLCertificateKeyFile') %}
+    SSLCertificateKeyFile {{ site.SSLCertificateKeyFile }}
+    {%   endif %}
+    {%   if site.get('SSLCertificateChainFile') %}
+    SSLCertificateChainFile {{ site.SSLCertificateChainFile}}
+    {%   endif %}
+    {% endif %}
+
     ProxyPreserveHost {{ vals.ProxyPreserveHost }}    
     {% for proxy, proxyargs in vals.ProxyRoute|dictsort|reverse %}
     {% set proxyvals = {

From a8f2d89995450c6e0f1090d0e1430cc0f98e4a4b Mon Sep 17 00:00:00 2001
From: Jonathan Ballet <jballet@gfproducts.ch>
Date: Tue, 9 Jun 2015 11:54:07 +0200
Subject: [PATCH 2/2] ssl: also support the SSLCertificateChainFile required by
 some providers

---
 apache/vhosts/standard.tmpl | 3 +++
 pillar.example              | 1 +
 2 files changed, 4 insertions(+)

diff --git a/apache/vhosts/standard.tmpl b/apache/vhosts/standard.tmpl
index 71b5936..609e31d 100644
--- a/apache/vhosts/standard.tmpl
+++ b/apache/vhosts/standard.tmpl
@@ -54,6 +54,9 @@
     {%   if site.get('SSLCertificateKeyFile') %}
     SSLCertificateKeyFile {{ site.SSLCertificateKeyFile }}
     {%   endif %}
+    {%   if site.get('SSLCertificateChainFile') %}
+    SSLCertificateChainFile {{ site.SSLCertificateChainFile}}
+    {%   endif %}
     {% endif %}
 
     {% for path, dir in site.get('Directory', {}).items() %}
diff --git a/pillar.example b/pillar.example
index 81d5215..1cd82b5 100644
--- a/pillar.example
+++ b/pillar.example
@@ -46,6 +46,7 @@ apache:
 
       SSLCertificateFile: /etc/ssl/mycert.pem # if ssl is desired
       SSLCertificateKeyFile: /etc/ssl/mycert.pem.key # if key for cert is needed or in an extra file
+      SSLCertificateChainFile: /etc/ssl/mycert.chain.pem # if you require a chain of server certificates file
 
       Directory:
         # "default" is a special case; Adds ``/path/to/www/dir/example.com``