- Fix error on missing OpenSSL configuration file.

- Set default_crl_days to the same value as default_days.
2017-08-09 12:43:44 +02:00 · 2017-08-09 12:43:44 +02:00 · 3e477bd162
commit 3e477bd162
parent bcdbea4755
1 changed files with 33 additions and 0 deletions
--- a/install_openvpn.sh
+++ b/install_openvpn.sh
@ -1102,6 +1102,39 @@ else
   error "$(cat $log_file)"
 fi

+if [[ ! -f "$KEY_CONFIG" ]] ; then
+   if [[ -f "$(basename $KEY_CONFIG)/openssl-1.0.0.cnf" ]]; then
+      echononl "   Create Symlink '$(basename $KEY_CONFIG)'.."
+      ln -s "$(basename $KEY_CONFIG)/openssl-1.0.0.cnf" "$KEY_CONFIG"
+      if [[ $? -eq 0 ]] ; then
+         echo_ok
+      else
+         echo_failed
+         error "$(cat $log_file)"
+         fatal "No OpenSSL configuration file present!"
+      fi
+   fi
+fi
+
+_failed=false
+echononl "   Adjust '$KEY_CONFIG'.."
+OPENSSL_CONFIG_FILE="$(realpath "$KEY_CONFIG")"
+perl -i.ORIG -n -p -e "s/^(\s*default_days\s*=.*)/#\1\ndefault_days   = $CA_EXPIRE/" $KEY_CONFIG > "$log_file" 2>&1
+if [[ $? -ne 0 ]]; then
+   _failed=true
+fi
+perl -i -n -p -e "s/^(\s*default_crl_days\s*=.*)/#\1\ndefault_crl_days   = $CA_EXPIRE/" $KEY_CONFIG > "$log_file" 2>&1
+if [[ $? -ne 0 ]]; then
+   _failed=true
+fi
+
+if $_failed ; then
+   echo_failed
+   error "$(cat $log_file)"
+else
+   echo_ok
+fi
+

 # ---
 # - Create Keys and Certs