From d1e72d4ea7130db773a7e7d65231083f8278fbb0 Mon Sep 17 00:00:00 2001
From: Richard Bonhomme <tincanteksup@gmail.com>
Date: Thu, 23 Aug 2018 21:16:32 +0100
Subject: [PATCH] libressl: use make_ssl_config and safessl-easyrsa.cnf for
 gen_crl

---
 easyrsa3/easyrsa | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index 871ca34..db6eb36 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -847,9 +847,12 @@ infrastructure in order to prevent the revoked cert from being accepted.
 gen_crl() {
 	verify_ca_init
 
+	# make safessl-easyrsa.cnf
+	make_ssl_config
+
 	out_file="$EASYRSA_PKI/crl.pem"
 	out_file_tmp="$(mktemp "$out_file.XXXXXXXXXX")"; EASYRSA_TEMP_FILE_2="$out_file_tmp"
-	"$EASYRSA_OPENSSL" ca -utf8 -gencrl -out "$out_file_tmp" -config "$EASYRSA_SSL_CONF" || die "\
+	"$EASYRSA_OPENSSL" ca -utf8 -gencrl -out "$out_file_tmp" -config "$EASYRSA_SAFE_CONF" || die "\
 CRL Generation failed.
 "
 	mv "$out_file_tmp" "$out_file"; EASYRSA_TEMP_FILE_2=