From 60b5c03541ec61a5b444c3c31dc16eecff022a8d Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Thu, 11 May 2023 23:07:07 +0100
Subject: [PATCH] Squashed commit of the following:

commit d3592f1b6ea69bb93559108ac78c869308a8e2f3
Merge: ec1d428 05d0213
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date:   Thu May 11 23:06:20 2023 +0100

    Merge branch 'verify-cert-direct-openssl-call' of ssh://github.com/TinCanTech/easy-rsa into TinCanTech-verify-cert-direct-openssl-call

    Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>

commit 05d0213d6dff4706d058442b6e9cddcad1124fbc
Author: Richard T Bonhomme <tincantech@protonmail.com>
Date:   Thu May 11 13:35:12 2023 +0100

    verify-cert: Call 'openssl' directly to capture error

    Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 9e795ac..dfb025d 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -3810,7 +3810,8 @@ No certificate found for the input: '$crt_in'"
 Input is not a valid certificate: $crt_in"
 
 	# Test SSL out
-	if easyrsa_openssl verify -CAfile "$ca_crt" \
+	# openssl direct call because error is expected
+	if "$EASYRSA_OPENSSL" verify -CAfile "$ca_crt" \
 		"$crt_in" 1>/dev/null
 	then
 		notice "\