diff --git a/root/etc/e-smith/templates/etc/openvpn/routed/openvpn.conf/30cert b/root/etc/e-smith/templates/etc/openvpn/routed/openvpn.conf/30cert index f570af1..8362cbf 100644 --- a/root/etc/e-smith/templates/etc/openvpn/routed/openvpn.conf/30cert +++ b/root/etc/e-smith/templates/etc/openvpn/routed/openvpn.conf/30cert @@ -7,11 +7,14 @@ tls-server { -$OUT .= "tls-auth priv/takey.pem 0\n" if - (-e "/etc/openvpn/routed/priv/takey.pem" && - !-z "/etc/openvpn/routed/priv/takey.pem"); +if (-e "/etc/openvpn/routed/priv/takey.pem" && + !-z "/etc/openvpn/routed/priv/takey.pem"){ + $OUT .= "tls-auth priv/takey.pem 0\n"; +} +if (-e '/etc/openvpn/routed/pub/cacrl.pem' && + !-z '/etc/openvpn/routed/pub/cacrl.pem'){ + $OUT .= "crl-verify pub/cacrl.pem\n"; } -# CRL file for certificates verification -crl-verify pub/cacrl.pem +}