mirror/openvpn-install
1
0
Fork 0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-27 15:36:07 +03:00
Code Issues Projects Releases Wiki Activity

Revoking doesn't need a restart

Browse Source 
The CRL is checked with every new connection and channel renegotiation,
no need to restart the server.
This commit is contained in:
Nyr 2016-03-08 01:12:43 +01:00
parent 96108e6b2e
commit 3a96224d1f
1 changed files with 0 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openvpn-install.sh
View File

@ -114,16 +114,6 @@ if [[ -e /etc/openvpn/server.conf ]]; then
rm -rf pki/issued/$CLIENT.crt rm -rf pki/issued/$CLIENT.crt
rm -rf /etc/openvpn/crl.pem rm -rf /etc/openvpn/crl.pem
cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem
# And restart
if pgrep systemd-journal; then
systemctl restart openvpn@server.service
else
if [[ "$OS" = 'debian' ]]; then
/etc/init.d/openvpn restart
else
service openvpn restart
fi
fi
echo "" echo ""
echo "Certificate for client $CLIENT revoked" echo "Certificate for client $CLIENT revoked"
exit exit