Make crl verification optional

tags/0.1.4_el5 0.1.4_el5
Daniel Berteaud 9 years ago
parent 36f5d2b782
commit c595fbe31a
  1. 13
      root/etc/e-smith/templates/etc/openvpn/routed/openvpn.conf/30cert

@ -7,11 +7,14 @@ tls-server
{
$OUT .= "tls-auth priv/takey.pem 0\n" if
(-e "/etc/openvpn/routed/priv/takey.pem" &&
!-z "/etc/openvpn/routed/priv/takey.pem");
if (-e "/etc/openvpn/routed/priv/takey.pem" &&
!-z "/etc/openvpn/routed/priv/takey.pem"){
$OUT .= "tls-auth priv/takey.pem 0\n";
}
if (-e '/etc/openvpn/routed/pub/cacrl.pem' &&
!-z '/etc/openvpn/routed/pub/cacrl.pem'){
$OUT .= "crl-verify pub/cacrl.pem\n";
}
# CRL file for certificates verification
crl-verify pub/cacrl.pem
}

Loading…
Cancel
Save