From 686eee5d349e75ac5b3b1125dde91b8a0d3313c7 Mon Sep 17 00:00:00 2001
From: Richard T Bonhomme <tincantech@protonmail.com>
Date: Sat, 20 Nov 2021 15:06:32 +0000
Subject: [PATCH] revokeClient: Do not remove revoked client record from
 index.txt

Deleting a revoked (^R) client record from index.txt means that the
client will not be listed in the Certificate Revocation List.  This
effectively "unrevokes" the client and allows the client to continue
using the VPN.

Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
---
 openvpn-install.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 4ff23a7..28584aa 100755
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -1187,7 +1187,6 @@ function revokeClient() {
 	rm -f "/root/$CLIENT.ovpn"
 	sed -i "/^$CLIENT,.*/d" /etc/openvpn/ipp.txt
 	cp /etc/openvpn/easy-rsa/pki/index.txt{,.bk}
-	sed -i -e '/^[R]/d' /etc/openvpn/easy-rsa/pki/index.txt
 
 	echo ""
 	echo "Certificate for client $CLIENT revoked."