Skip to content

Commit

Permalink
gen-crl: Create additional CRL in DER format
Browse files Browse the repository at this point in the history
Signed-off-by: Richard T Bonhomme <[email protected]>
  • Loading branch information
TinCanTech committed Aug 3, 2024
1 parent bdfa8ea commit 69df0d8
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions easyrsa3/easyrsa
Original file line number Diff line number Diff line change
Expand Up @@ -3439,6 +3439,7 @@ It is now possible to sign a new certificate for '$file_name_base'"
# gen-crl backend
gen_crl() {
out_file="$EASYRSA_PKI/crl.pem"
out_der="$EASYRSA_PKI/crl.der"

out_file_tmp=""
easyrsa_mktemp out_file_tmp || \
Expand All @@ -3461,7 +3462,19 @@ gen_crl() {
die "Failed to move temp CRL file."
fi

# Copy to DER - As published by OpenSSL
if "$EASYRSA_OPENSSL" crl -in "$out_file" -out "$out_der" \
-outform DER
then
crl_der_note="An updated CRL DER copy has been created:
* $out_der"
else
crl_der_note="Failed to create CRL DER copy!"
fi

notice "\
$crl_der_note

An updated CRL has been created:
* $out_file"

Expand Down

0 comments on commit 69df0d8

Please sign in to comment.