OpenVPN issues config file generation

[hsiewert]

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

• I have read the contributing guide lines at https://github.com/opnsense/core/blob/master/CONTRIBUTING.md
• I am convinced that my issue is new after having checked both open and closed issues at https://github.com/opnsense/core/issues?q=is%3Aissue

Describe the bug
A.)
If a certificate revocation list ist selected in settings under instances [new] the openvpn will not start.
The generated config file will point to a file named /var/etc/openvpn/server-[instance-id].crl-verify but the file is not there.

The logfile shows:
2023-08-03T21:01:24 Notice openvpn_server10 Options error: --crl-verify fails with '/var/etc/openvpn/server-[instance-id].crl-verify': No such file or directory (errno=2)

B.)
The drop-down "Certificate Depth" ist completely ignored. If you save the instance and reopen it, it will always show "Do Not Check".

To Reproduce

Steps to reproduce the behavior:

1. Go to VPN, OpenVPN, Instances [new]
2. Click on 'OpenVPN'
3. Add a Instance
4. Select "Certification Revocation List" -> "RevocationsList"
5. Save and Apply

Environment

2x OPNsense 23.7 (amd64, OpenSSL) as HA
Client Windows 10 / Firefox 115.0.2 x64

[AdSchellevis]

The depth thing is highly likely 68ae7bd

[AdSchellevis]

and this 049fca5 should fix the missing crl. (needs a configd restart)

[hsiewert]

I tested it. this didn't work but
command:/usr/local/sbin/pluginctl -c crl && /usr/local/opnsense/scripts/openvpn/ovpn_service_control.php
will do.

[AdSchellevis]

@hsiewert you need to restart configd before this will work, (service configd restart)

[hsiewert]

@AdSchellevis confirmed, retested, you are right. Sorry.

[AdSchellevis]

@hsiewert thanks for confirming!