revokeClient: Do not remove revoked client record from index.txt (#945)

Deleting a revoked (^R) client record from index.txt means that the
client will not be listed in the Certificate Revocation List.  This
effectively "unrevokes" the client and allows the client to continue
using the VPN.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
This commit is contained in:
TinCanTech 2021-12-13 21:45:35 +00:00 committed by GitHub
parent dd9d0aa281
commit 89b591a160
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1187,7 +1187,6 @@ function revokeClient() {
rm -f "/root/$CLIENT.ovpn"
sed -i "/^$CLIENT,.*/d" /etc/openvpn/ipp.txt
cp /etc/openvpn/easy-rsa/pki/index.txt{,.bk}
sed -i -e '/^[R]/d' /etc/openvpn/easy-rsa/pki/index.txt
echo ""
echo "Certificate for client $CLIENT revoked."