From d6c5e52c5d8f763322c2eeb470131d5e500e35ac Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Thu, 27 Jun 2024 11:46:21 +0100
Subject: [PATCH] ChangeLog: Command revoke/revoke-expired/-renewed: Old file
 removal

revoke: Always remove old req/key files.
It is assumed that revoking an issued certificate does not require
subsequesnt renewal.

revoke-expired/revoke-renewed: Never remove old req/key files.
It is assumed that revoking an expired or renewed certificate does
require subsequent renewal.

Never remove the duplicate certificate by serial, this file must
always be unique, so it does not need to be removed.
This also allows status reports to have simple access to all signed
certificates, regardless of status.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 ChangeLog | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index a7e625297..5656a029d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,9 @@ Easy-RSA 3 ChangeLog
 
 3.2.1 (TBD)
 
+   * gen-req: Always check for existing request file (7eab98e) (#1177)
+   * revoke/revoke-expired/-renewed: Keep duplicate certificate (3da7f66) (#1177)
+   * revoke-expired/-renewed: Keep req/key files for resigning (4537ae7) (#1177)
    * revoke: Add abbreviations for optional 'reason' (a88ccc7) (#1173)
    * build-ca: Allow use of --req-cn without batch mode (b77a0fb) (#1170)
    * gen-req: Re-enable use of --req-cn (5cf8c46) (#1170)