search

kyl191 / ansible-role-openvpn

Ansible Playbook for OpenVPN on CentOS/Fedora/RHEL clones
MIT License
245 stars 218 forks source link

Client CSR is not deleted CentOS 7 #184

Open terryjrjoyce opened 2 years ago

terryjrjoyce commented 2 years ago

When revoking the clients the CA cert is not removed from the server.

Current Code

- name: Revoke certificates
  command: sh revoke.sh {{ item }}.crt
  changed_when: true
  args:
    chdir: "{{ openvpn_key_dir }}"
  with_items:
    - '{{ openvpn_revoke_these_certs }}'
    - '{{ openvpn_cert_sync_revoke | default([]) }}'

New Code

- name: Revoke client crt
  file:
    path: "{{ openvpn_key_dir }}/{{ item }}.crt"
    state: absent
    force: true
  with_items:
    - '{{ openvpn_revoke_these_certs }}'
    - '{{ openvpn_cert_sync_revoke | default([]) }}'
jbeyerstedt commented 2 years ago

I think this would be fixed by #186.