From 514cd2e50f0759ff12e38b5e191c23a21bbe703e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Dubois?= <jdubois@evolix.fr>
Date: Tue, 13 Dec 2022 17:42:09 +0100
Subject: [PATCH] Defaults default_crl_days to 2 years instead of 1

---
 CHANGELOG.md | 4 ++++
 openssl.cnf  | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a7bcbb1..4217474 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,8 +10,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 
+* Defaults default_crl_days to 2 years instead of 1
+
 ### Fixed
 
+* Fix ${CRL} and ${CA_DIR} rights so that CRL file can be read by openvpn
+
 ### Removed
 
 ### Security
diff --git a/openssl.cnf b/openssl.cnf
index 5e1e3c8..dbda2b0 100644
--- a/openssl.cnf
+++ b/openssl.cnf
@@ -14,7 +14,7 @@ crl             = $dir/crl.pem
 private_key     = $dir/cakey.key
 RANDFILE        = $dir/.rand
 default_days    = 365
-default_crl_days= 365
+default_crl_days= 730
 default_md      = sha256
 preserve        = no
 policy          = policy_match