Permanently disable `easytls-cryptv2-verify.sh` `--via-ca` method

TinCanTech / easy-tls

Manage and Inline OpenVPN TLS keys and Easy-RSA PKI credentials. Supports OpenVPN TLS-Crypt-V2 key system and OpenVPN Peer-Fingerprint mode.

GNU General Public License v2.0

87 stars 19 forks source link

Permanently disable `easytls-cryptv2-verify.sh` `--via-ca` method #284

Closed TinCanTech closed 2 years ago

TinCanTech commented 2 years ago

OpenSSL always returns an error when verifying a certificate revocation status.

Disable this method completely.

TinCanTech commented 2 years ago

Leave it.

The script does not rely on openssl ca to verify the certificate, instead it captures the output and ignores the error from openssl. Then processes the output.