nik/easyrsa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

gen-crl: Minor improvements

Browse Source 
Add EASYRSA_CRL_DAYS to command to generate a new CRL.
Although this is taken care of in the SSL config file,
it is easier to understand by having the code incuded
in the script.

Honor batch mode and over write an existing CRL, with
out confirmation.  An out dated CRL is of little value
and the user has specified batch mode, so honor it.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
Richard T Bonhomme 2023-02-25 14:56:09 +00:00
parent 1dd740f9a5
commit 95f4b67703
No known key found for this signature in database
GPG Key ID: 2D767DB92FB6C246
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
easyrsa3/easyrsa
View File

@ -3108,10 +3108,11 @@ gen_crl() {
die "gen_crl - easyrsa_mktemp out_file_tmp"
easyrsa_openssl ca -utf8 -gencrl -out "$out_file_tmp" \
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || die "\
CRL Generation failed."
${EASYRSA_CRL_DAYS:+-days "$EASYRSA_CRL_DAYS"} \
${EASYRSA_PASSIN:+-passin "$EASYRSA_PASSIN"} || \
die "CRL Generation failed."
mv "$out_file_tmp" "$out_file"
mv ${EASYRSA_BATCH:+-f} "$out_file_tmp" "$out_file"
notice "\
An updated CRL has been created: