- The fix applied in vpnmain.cgi only adds the unique_subject = yes to the index.txt.attr file after the first time that the root/host certificates are attempted to be created. - Without this line in update.sh, the first attempt to create the root/host certificate set will still have the original error code. If the creation is attempted again then it will work because the unique_subject = yes will have then been added into the file. - This patch ensures that the first attempt to create a root/host certificate set in CU175 will work. - Confirmed on vm testbed with freshly updated CU175.
Fixes: Bug#13138 Tested-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/core/175/update.sh | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/config/rootfiles/core/175/update.sh b/config/rootfiles/core/175/update.sh index 82676bc72..f1c6873c1 100644 --- a/config/rootfiles/core/175/update.sh +++ b/config/rootfiles/core/175/update.sh @@ -191,6 +191,9 @@ if [ -s /var/ipfire/ovpn/ovpnconfig ]; then done fi
+## Add unique_subject = yes to vpn index.txt.attr file +echo "unique_subject = yes" > /var/ipfire/certs/index.txt.attr + # This update needs a reboot... touch /var/run/need_reboot