From 210d87caeca19bbb78040c3e43e38a76b63fb302 Mon Sep 17 00:00:00 2001
From: sunits <sun@sun-its.com>
Date: Mon, 10 Nov 2014 15:03:01 +0900
Subject: [PATCH] client certificate

---
 assets/config/nginx/gitlab-ssl | 2 ++
 assets/init                    | 1 +
 2 files changed, 3 insertions(+)

diff --git a/assets/config/nginx/gitlab-ssl b/assets/config/nginx/gitlab-ssl
index c7d0e8f8..49447430 100644
--- a/assets/config/nginx/gitlab-ssl
+++ b/assets/config/nginx/gitlab-ssl
@@ -64,6 +64,8 @@ server {
   ssl on;
   ssl_certificate {{SSL_CERTIFICATE_PATH}};
   ssl_certificate_key {{SSL_KEY_PATH}};
+  ssl_verify_client {{SSL_VERIFY_CLIENT}};
+  ssl_client_certificate {{CA_CERTIFICATES_PATH}};
 
   ssl_ciphers 'AES256+EECDH:AES256+EDH';
 
diff --git a/assets/init b/assets/init
index f1969cd9..d38c873d 100755
--- a/assets/init
+++ b/assets/init
@@ -32,6 +32,7 @@ SSL_SELF_SIGNED=${SSL_SELF_SIGNED:-false}
 SSL_CERTIFICATE_PATH=${SSL_CERTIFICATE_PATH:-$GITLAB_DATA_DIR/certs/gitlab.crt}
 SSL_KEY_PATH=${SSL_KEY_PATH:-$GITLAB_DATA_DIR/certs/gitlab.key}
 SSL_DHPARAM_PATH=${SSL_DHPARAM_PATH:-$GITLAB_DATA_DIR/certs/dhparam.pem}
+SSL_VERIFY_CLIENT=${SSL_VERIFY_CLIENT:-off}
 
 CA_CERTIFICATES_PATH=${CA_CERTIFICATES_PATH:-$GITLAB_DATA_DIR/certs/ca.crt}