aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiBa-NL <pba_2k3@yahoo.com>2012-11-24 22:14:27 +0100
committerPiBa-NL <pba_2k3@yahoo.com>2012-11-24 22:14:27 +0100
commit51cd6f8b6f5383144c7def537cd5d3e98e69f822 (patch)
treef8ca06c350c7caf2a0ecc33c234caa9c75b0f7e4
parent0e0679fd7a693cc4a092a4e632b473bf2bc99101 (diff)
downloadpfsense-packages-51cd6f8b6f5383144c7def537cd5d3e98e69f822.tar.gz
pfsense-packages-51cd6f8b6f5383144c7def537cd5d3e98e69f822.tar.bz2
pfsense-packages-51cd6f8b6f5383144c7def537cd5d3e98e69f822.zip
removed purpose checking because: "Certs created before 2.0.1 can have the "wrong" purpose but we should not invalidate them."
-rwxr-xr-xconfig/openvpn-client-export/openvpn-client-export.inc6
1 files changed, 0 insertions, 6 deletions
diff --git a/config/openvpn-client-export/openvpn-client-export.inc b/config/openvpn-client-export/openvpn-client-export.inc
index 70c9dcf9..3c478553 100755
--- a/config/openvpn-client-export/openvpn-client-export.inc
+++ b/config/openvpn-client-export/openvpn-client-export.inc
@@ -120,12 +120,6 @@ function openvpn_client_export_validate_config($srvid, $usrid, $crtid) {
{
$input_errors[] = "Could not locate server certificate.";
} else {
- $server_cert_purpose = cert_get_purpose($server_cert['crt']);
- if ($server_cert_purpose['ca'] == 'Yes')
- $input_errors[] = "Server sertificate is a CA certificate.";
- if ($server_cert_purpose['server'] != 'Yes')
- $input_errors[] = "Server sertificate does not have the purpose 'Server: Yes'";
-
$server_ca = lookup_ca($server_cert['caref']);
if (!$server_ca) {
$input_errors[] = "Could not locate the CA reference for the server certificate.";