From b33038e3d9f57ee00df0bda8472b509f03ec302e Mon Sep 17 00:00:00 2001 From: Richard T Bonhomme Date: Thu, 5 Sep 2024 22:50:43 +0100 Subject: [PATCH 1/2] inline: Add decimal value for certificate serial number (Linux Only) Signed-off-by: Richard T Bonhomme --- easyrsa3/easyrsa | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index 45a5fbd1..28c2c21b 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -2991,6 +2991,23 @@ inline_file() { $(cat "$crt_source") " + # Calculate decimal value for serial number + # because openvpn uses decimal serial ?!? + # for '--crl-verify /path/to/dir dir' + # For reasons unknown.. + if which bc >/dev/null; then + crt_serial="$( + "$EASYRSA_OPENSSL" x509 -in "$crt_source" \ + -noout -serial + )" || die "inline_file - SSL -serial failed" + crt_serial="${crt_serial#*=}" + crt_serial_dec="$( + echo "ibase=16; $crt_serial" | bc + )" || die "inline_file - HEX to DEC failed" + else + crt_serial_dec="Unavailable" + fi + # Generate fingerprint crt_fingerprint="$( "$EASYRSA_OPENSSL" x509 -in "$crt_source" \ @@ -3133,6 +3150,7 @@ ${tls_key_data} # commonName: $crt_CN # SHA256 fingerprint: # $crt_fingerprint +# Decimal serial number: $crt_serial_dec $crt_data From 45336641a701dfacb84cd2eb38ef677ee5954206 Mon Sep 17 00:00:00 2001 From: Richard T Bonhomme Date: Thu, 5 Sep 2024 22:58:51 +0100 Subject: [PATCH 2/2] ChangeLog: inline, add decimal value for cert. serial (Linux Only) Signed-off-by: Richard T Bonhomme --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 6ecd0369..1e72d1ed 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ Easy-RSA 3 ChangeLog 3.2.1 (TBD) + * inline: Add decimal value for cert. serial (Linux Only) (b33038e) (#1222) * Always exit with error for unknown command options (Except nopass) (#1221) (build-ca: b2f7912); (gen-req: 07f21d3); (build_full(): 0ff7f4c); (export_pkcs(): 2c51288); (set-pass: 1266d4e)