From: Erik Kapfer <erik.kapfer@ipfire.org>
Date: Mon, 18 Jun 2018 14:41:27 +0000 (+0200)
Subject: OpenVPN: Set default of 730 days for client certificate validity
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c0a7c9b2784629292db45763ae02b76023018c16;p=people%2Fms%2Fipfire-2.x.git

OpenVPN: Set default of 730 days for client certificate validity

Since OpenSSL 1.1.0x it is required to set a value for the 'valid til (days)' field.
The WUI delivers now a guide value of two years.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 1c2a810020..b3122a49c7 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -4451,7 +4451,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
 	$cgiparams{'CERT_CITY'}         = $vpnsettings{'ROOTCERT_CITY'};
 	$cgiparams{'CERT_STATE'}        = $vpnsettings{'ROOTCERT_STATE'};
 	$cgiparams{'CERT_COUNTRY'}      = $vpnsettings{'ROOTCERT_COUNTRY'};
-	$cgiparams{'DAYS_VALID'}     	= $vpnsettings{'DAYS_VALID'};
+	$cgiparams{'DAYS_VALID'}     	= $vpnsettings{'DAYS_VALID'} = '730';
     }
 
     VPNCONF_ERROR: