From dcb19b2ce34f079d8af080d670a8a2ca5295a5f3 Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Fri, 8 Dec 2023 23:06:13 +0000
Subject: [PATCH] Move call to write_easyrsa_ssl_cnf_tmp() to secure_session()

This is necessary for status reports read_db(), which recreates the
secure session for each record.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 easyrsa3/easyrsa | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa
index cb3be4413..8811705b7 100755
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@@ -717,6 +717,10 @@ secure_session() {
 				OPENSSL_CONF safe_ssl_cnf_tmp \
 				working_safe_ssl_conf
 			easyrsa_err_log="$secured_session/error.log"
+
+			# Verify or create: EASYRSA_SSL_CONF
+			write_easyrsa_ssl_cnf_tmp
+
 			verbose "\
 secure_session: CREATED: $secured_session"
 			return
@@ -5281,9 +5285,6 @@ verify_working_env() {
 		secure_session || die "\
 verify_working_env - secure-session failed"
 
-		# Verify or create: EASYRSA_SSL_CONF
-		write_easyrsa_ssl_cnf_tmp
-
 		# Verify selected algorithm and parameters
 		verify_algo_params