From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject:
 [PATCH 3/3] openvpn-crl-updater: Update for the changed configuration file
Date: Thu, 18 Apr 2024 21:36:54 +0000
Message-ID: <20240418213654.3321580-3-michael.tremer@ipfire.org>
In-Reply-To: <20240418213654.3321580-1-michael.tremer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6426258118806017793=="
List-Id: <development.lists.ipfire.org>

--===============6426258118806017793==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 config/ovpn/openvpn-crl-updater | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/config/ovpn/openvpn-crl-updater b/config/ovpn/openvpn-crl-updater
index 5fbe21080..d22f8f78c 100644
--- a/config/ovpn/openvpn-crl-updater
+++ b/config/ovpn/openvpn-crl-updater
@@ -43,7 +43,9 @@ OVPN=3D"/var/ipfire/ovpn"
 CRL=3D"${OVPN}/crls/cacrl.pem"
 CAKEY=3D"${OVPN}/ca/cakey.pem"
 CACERT=3D"${OVPN}/ca/cacert.pem"
-OPENSSLCONF=3D"${OVPN}/openssl/ovpn.cnf"
+
+# Use an alternative OpenSSL configurtion file
+export OPENSSL_CONF=3D"/usr/share/openvpn/openssl.cnf"
=20
 # Check if CRL is presant or if OpenVPN is active
 if [ ! -e "${CAKEY}" ]; then
@@ -76,7 +78,7 @@ UPDATE=3D"14"
 ## Mainpart
 # Check if OpenVPNs CRL needs to be renewed
 if [ ${NEXTUPDATE} -le ${UPDATE} ]; then
-    if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}=
" -config "${OPENSSLCONF}"; then
+    if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}=
"; then
 		logger -t openvpn "CRL has been updated"
     else
 		logger -t openvpn "error: Could not update CRL"
--=20
2.39.2


--===============6426258118806017793==--