Signed-off-by: Michael Tremer michael.tremer@ipfire.org --- config/ovpn/openvpn-crl-updater | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/config/ovpn/openvpn-crl-updater b/config/ovpn/openvpn-crl-updater index 5fbe21080..d22f8f78c 100644 --- a/config/ovpn/openvpn-crl-updater +++ b/config/ovpn/openvpn-crl-updater @@ -43,7 +43,9 @@ OVPN="/var/ipfire/ovpn" CRL="${OVPN}/crls/cacrl.pem" CAKEY="${OVPN}/ca/cakey.pem" CACERT="${OVPN}/ca/cacert.pem" -OPENSSLCONF="${OVPN}/openssl/ovpn.cnf" + +# Use an alternative OpenSSL configurtion file +export OPENSSL_CONF="/usr/share/openvpn/openssl.cnf"
# Check if CRL is presant or if OpenVPN is active if [ ! -e "${CAKEY}" ]; then @@ -76,7 +78,7 @@ UPDATE="14" ## Mainpart # Check if OpenVPNs CRL needs to be renewed if [ ${NEXTUPDATE} -le ${UPDATE} ]; then - if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}" -config "${OPENSSLCONF}"; then + if openssl ca -gencrl -keyfile "${CAKEY}" -cert "${CACERT}" -out "${CRL}"; then logger -t openvpn "CRL has been updated" else logger -t openvpn "error: Could not update CRL"