From 3a96224d1f6646f86acb1bf9e611ae385b59047e Mon Sep 17 00:00:00 2001 From: Nyr Date: Tue, 8 Mar 2016 01:12:43 +0100 Subject: [PATCH] Revoking doesn't need a restart The CRL is checked with every new connection and channel renegotiation, no need to restart the server. --- openvpn-install.sh | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/openvpn-install.sh b/openvpn-install.sh index e102997..76d967e 100644 --- a/openvpn-install.sh +++ b/openvpn-install.sh @@ -114,16 +114,6 @@ if [[ -e /etc/openvpn/server.conf ]]; then rm -rf pki/issued/$CLIENT.crt rm -rf /etc/openvpn/crl.pem cp /etc/openvpn/easy-rsa/pki/crl.pem /etc/openvpn/crl.pem - # And restart - if pgrep systemd-journal; then - systemctl restart openvpn@server.service - else - if [[ "$OS" = 'debian' ]]; then - /etc/init.d/openvpn restart - else - service openvpn restart - fi - fi echo "" echo "Certificate for client $CLIENT revoked" exit