Implements #5007 Remove SSL bundle files if present on an apache 2.4 server

Author: Till Brehm

server/conf/vhost.conf.master

@@ -75,15 +75,15 @@
 		# </IfModule>
 		SSLCertificateFile <tmpl_var name='ssl_crt_file'>
 		SSLCertificateKeyFile <tmpl_var name='ssl_key_file'>
-<tmpl_if name='has_bundle_cert'>
-		<tmpl_if name='apache_version' op='<' value='2.4.8' format='version'>
-		SSLCertificateChainFile <tmpl_var name='ssl_bundle_file'>
-		</tmpl_if>
 		<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
 		SSLUseStapling on
 		SSLStaplingResponderTimeout 5
 		SSLStaplingReturnResponderErrors off
 		</tmpl_if>
+<tmpl_if name='has_bundle_cert'>
+		<tmpl_if name='apache_version' op='<' value='2.4.8' format='version'>
+		SSLCertificateChainFile <tmpl_var name='ssl_bundle_file'>
+		</tmpl_if>
 </tmpl_if>
 </tmpl_if>
 		</IfModule>

server/plugins-available/apache2_plugin.inc.php

@@ -1223,8 +1223,9 @@ function update($event_name, $data) {
 				$app->dbmaster->query("UPDATE web_domain SET `ssl` = ?, `ssl_letsencrypt` = ? WHERE `domain` = ? AND `server_id` = ?", $data['new']['ssl'], 'n', $data['new']['domain'], $conf['server_id']);
  			}
 		}
-
-		if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
+		
+		// Use separate bundle file only for apache versions < 2.4.8
+		if(@is_file($bundle_file) && version_compare($app->system->getapacheversion(true), '2.4.8', '<')) $vhost_data['has_bundle_cert'] = 1;
 
 		// HTTP/2.0 ?
 		$vhost_data['enable_http2']  = 'n';