]> git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blobdiff - html/cgi-bin/ovpnmain.cgi
projects / people / pmueller / ipfire-2.x.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ovpnmain.cgi: Fixes Bug#13117 - adds legacy option to openssl commands for cert ...
[people/pmueller/ipfire-2.x.git] / html / cgi-bin / ovpnmain.cgi
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
old mode 100644 (file)
new mode 100755 (executable)
index 50ad21e..5b0accf
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -2227,7 +2227,7 @@ else
 
                # Extract the certificate
                # This system call is safe, because all arguments are passed as an array.
-               system('/usr/bin/openssl', 'pkcs12', '-in', "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12",
+               system('/usr/bin/openssl', 'pkcs12', '-legacy', '-in', "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12",
                        '-clcerts', '-nokeys', '-nodes', '-out', "$file_crt" , '-passin', 'pass:');
                if ($?) {
                        die "openssl error: $?";
@@ -2238,7 +2238,7 @@ else
 
                # Extract the key
                # This system call is safe, because all arguments are passed as an array.
-               system('/usr/bin/openssl', 'pkcs12', '-in', "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12",
+               system('/usr/bin/openssl', 'pkcs12', '-legacy', '-in', "${General::swroot}/ovpn/certs/$confighash{$cgiparams{'KEY'}}[1].p12",
                        '-nocerts', '-nodes', '-out', "$file_key", '-passin', 'pass:');
                if ($?) {
                        die "openssl error: $?";
Peter's tree of IPFire 2.x