diff --git a/easyrsa3/easyrsa b/easyrsa3/easyrsa index d64dcbd1..17a15f70 100755 --- a/easyrsa3/easyrsa +++ b/easyrsa3/easyrsa @@ -2984,8 +2984,8 @@ Conflicting file found at: # Recreate temp-session and # drop edits to SSL Conf file remove_secure_session - locate_support_files secure_session + locate_support_files write_global_safe_ssl_cnf_tmp # Require --copy-ext @@ -4661,6 +4661,11 @@ verify_working_env() { write_global_safe_ssl_cnf_tmp fi fi + + # Find x509-types, openssl-easyrsa.cnf + # and easyrsa-tools.lib + locate_support_files + verbose "verify_working_env: COMPLETED Handover-to: $cmd" } # => verify_working_env() @@ -4716,6 +4721,10 @@ verify_working_env - easyrsa_mktemp global_safe_ssl_cnf_tmp" # If the existing file has a known hash then use temp-file. # Otherwise, use the file in place. write_easyrsa_ssl_cnf_tmp() { + # If EASYRSA_SSL_CONF is undefined then use default + [ "$EASYRSA_SSL_CONF" ] || set_var \ + EASYRSA_SSL_CONF "$EASYRSA_PKI"/openssl-easyrsa.cnf + if [ -f "$EASYRSA_SSL_CONF" ]; then verbose "write_easyrsa_ssl_cnf_tmp: SSL config EXISTS" @@ -5832,9 +5841,6 @@ validate_default_vars # Check for conflicting input options mutual_exclusions -# Find x509-types, openssl-easyrsa.cnf and easyrsa-tools.lib -locate_support_files - # Verify SSL Lib - One time ONLY verify_ssl_lib diff --git a/easyrsa3/easyrsa-tools.lib b/easyrsa3/easyrsa-tools.lib index d92cad86..37a080d4 100644 --- a/easyrsa3/easyrsa-tools.lib +++ b/easyrsa3/easyrsa-tools.lib @@ -417,11 +417,11 @@ read_db() { # Recreate temp session remove_secure_session || \ die "read_db - remove_secure_session" - locate_support_files secure_session || \ die "read_db - secure_session" # Recreate openssl-easyrsa.cnf (Temp) write_global_safe_ssl_cnf_tmp + locate_support_files # Interpret the db/certificate record unset -v db_serial db_cn db_revoke_date db_reason