diff --git a/openvpn-install.sh b/openvpn-install.sh
index 6944fb8..c54ce08 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -143,7 +143,7 @@ if [[ -e /etc/openvpn/server.conf ]]; then
 			CLIENT=$(tail -n +2 /etc/openvpn/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | sed -n "$CLIENTNUMBER"p)
 			cd /etc/openvpn/easy-rsa/
 			./easyrsa --batch revoke $CLIENT
-			./easyrsa gen-crl
+			EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl
 			rm -rf pki/reqs/$CLIENT.req
 			rm -rf pki/private/$CLIENT.key
 			rm -rf pki/issued/$CLIENT.crt
@@ -598,7 +598,7 @@ set_var EASYRSA_CURVE $CERT_CURVE" > vars
 	fi
 	./easyrsa build-server-full server nopass
 	./easyrsa build-client-full $CLIENT nopass
-	./easyrsa gen-crl
+	EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl
 	if [[ $TLS_SIG == "1" ]]; then
 		# Generate tls-crypt key
 		openvpn --genkey --secret /etc/openvpn/tls-crypt.key