Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Command revoke: Do not remove duplicate certificate by serial #1177

Merged
merged 4 commits into from
Jun 27, 2024
Merged

Command revoke: Do not remove duplicate certificate by serial #1177

merged 4 commits into from
Jun 27, 2024

Conversation

TinCanTech
Copy link
Collaborator

No description provided.

@TinCanTech TinCanTech self-assigned this Jun 26, 2024
@TinCanTech TinCanTech linked an issue Jun 26, 2024 that may be closed by this pull request
Command revoke must not move key and request files #1172
Closed
@TinCanTech TinCanTech added the development Possible changes label Jun 26, 2024
@TinCanTech TinCanTech removed a link to an issue Jun 26, 2024
Command revoke must not move key and request files #1172
Closed
@TinCanTech TinCanTech mentioned this pull request Jun 26, 2024
Closed
@TinCanTech
Command revoke: Conditionally move request and key files
4537ae7 
For 'revoke',  always move the req/key files.
It is assumed that revoking an issued cert implies that renewal
is not desired.

For 'revoke-expired' and 'revoke-renewed', never move the req/key files.
It is assumed that revoking an expired or renewed cert implies that
renewal is desired.

Signed-off-by: Richard T Bonhomme <[email protected]>
@TinCanTech TinCanTech linked an issue Jun 26, 2024 that may be closed by this pull request
Command revoke must not move key and request files #1172
Closed
@TinCanTech TinCanTech added this to the v3.2.1 milestone Jun 26, 2024
@TinCanTech TinCanTech linked an issue Jun 27, 2024 that may be closed by this pull request
gen-req overwrites an existing request without confirmation #1178
Closed
@TinCanTech
ChangeLog: Command revoke/revoke-expired/-renewed: Old file removal
d6c5e52 
revoke: Always remove old req/key files.
It is assumed that revoking an issued certificate does not require
subsequesnt renewal.

revoke-expired/revoke-renewed: Never remove old req/key files.
It is assumed that revoking an expired or renewed certificate does
require subsequent renewal.

Never remove the duplicate certificate by serial, this file must
always be unique, so it does not need to be removed.
This also allows status reports to have simple access to all signed
certificates, regardless of status.

Signed-off-by: Richard T Bonhomme <[email protected]>
@TinCanTech TinCanTech merged commit 4510178 into OpenVPN:master Jun 27, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@TinCanTech TinCanTech

Labels
BUG-FIX ChangeLog Item improvement Version 3.2.1-Release
Projects
None yet
Milestone
v3.2.1
1 participant
@TinCanTech