Make crl verification optional
This commit is contained in:
parent
36f5d2b782
commit
c595fbe31a
|
@ -7,11 +7,14 @@ tls-server
|
|||
|
||||
{
|
||||
|
||||
$OUT .= "tls-auth priv/takey.pem 0\n" if
|
||||
(-e "/etc/openvpn/routed/priv/takey.pem" &&
|
||||
!-z "/etc/openvpn/routed/priv/takey.pem");
|
||||
|
||||
if (-e "/etc/openvpn/routed/priv/takey.pem" &&
|
||||
!-z "/etc/openvpn/routed/priv/takey.pem"){
|
||||
$OUT .= "tls-auth priv/takey.pem 0\n";
|
||||
}
|
||||
|
||||
# CRL file for certificates verification
|
||||
crl-verify pub/cacrl.pem
|
||||
if (-e '/etc/openvpn/routed/pub/cacrl.pem' &&
|
||||
!-z '/etc/openvpn/routed/pub/cacrl.pem'){
|
||||
$OUT .= "crl-verify pub/cacrl.pem\n";
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue