Don't offer a server certificate to export. It doesn't work, and can just lead to confusion.

author: jim-p <jimp@pfsense.org> 2013-01-07 12:19:58 -0500
committer: jim-p <jimp@pfsense.org> 2013-01-07 12:20:49 -0500
commit: 44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4 (patch)
tree: 8436899d0c4ce5e98d9959dac862824a58059d87 /config/openvpn-client-export
parent: 0d92e8fdabb102e43afb99f848fa992557fb37e1 (diff)
download: pfsense-packages-44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4.tar.gz
pfsense-packages-44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4.tar.bz2
pfsense-packages-44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/config/openvpn-client-export/vpn_openvpn_export.php b/config/openvpn-client-export/vpn_openvpn_export.php
index 85d44177..d50b5ec8 100755
--- a/config/openvpn-client-export/vpn_openvpn_export.php
+++ b/config/openvpn-client-export/vpn_openvpn_export.php
@@ -80,7 +80,7 @@ foreach($a_server as $sindex => $server) {
 		}
 	} elseif (($server['mode'] == "server_tls") || (($server['mode'] == "server_tls_user") && ($server['authmode'] != "Local Database"))) {
 		foreach($a_cert as $cindex => $cert) {
-			if ($cert['caref'] != $server['caref'])
+			if (($cert['caref'] != $server['caref']) || ($cert['refid'] == $server['certref']))
 				continue;
 			$ras_cert_entry['cindex'] = $cindex;
 			$ras_cert_entry['certname'] = $cert['descr'];
author	jim-p <jimp@pfsense.org>	2013-01-07 12:19:58 -0500
committer	jim-p <jimp@pfsense.org>	2013-01-07 12:20:49 -0500
commit	44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4 (patch)
tree	8436899d0c4ce5e98d9959dac862824a58059d87 /config/openvpn-client-export
parent	0d92e8fdabb102e43afb99f848fa992557fb37e1 (diff)
download	pfsense-packages-44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4.tar.gz pfsense-packages-44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4.tar.bz2 pfsense-packages-44b86ff3adbd39ff65c3eb5637acfbfd716fd0e4.zip