`--client-cert-url` not working if `--ovpn-ca-crt`/`--ovpn-ca-key` is specified
To test the v5-path of the desktop, I need a menshen instance working with the backwards compatible riseup infrastructure. What I bascially need is:
- --from-eip-url https://black.riseup.net:4430/3/config/eip-service.json
- --client-cert-url https://api.black.riseup.net:4430/3/cert
I use
go run ./cmd/menshen/main.go --verbose --from-eip-url https://black.riseup.net:4430/3/config/eip-service.json --allow-bridge-list --allow-gateway-list --client-cert-url https://api.black.riseup.net:4430/3/cert --ca-file riseup-ca.pem --ovpn-ca-crt test/ovpn_client_ca.crt --ovpn-ca-key test/ovpn_client_ca.key
pea@peabox:menshen curl localhost:8443/api/5/openvpn/cert
-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEICcjdzQILzA5ldS+IU+jqxAzuymi2mxALVreX1IE9LKr
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIBgzCCASmgAwIBAgIQXqIC7amgfVmWqBpbVEuLXTAKBggqhkjOPQQDAjA5MTcw
NQYDVQQDDC5Qcm92aWRlci1YIFJvb3QgQ0EgKGNsaWVudCBjZXJ0aWZpY2F0ZXMg
b25seSEpMB4XDTI0MDUyMTEwMzQyN1oXDTI0MDYyNzEwMzQyN1owFDESMBAGA1UE
AxMJVU5MSU1JVEVEMCowBQYDK2VwAyEArwpBtUm2i4Z8aH8nue7j6jVFdU2abZ9Z
7ql4qTpBMtSjZzBlMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcD
AjAdBgNVHQ4EFgQUTMo8+kUkrF0E8J1i3IyksiF0rpAwHwYDVR0jBBgwFoAU3Yvt
/zAKOUF/cs9pTmEg0yV3tt4wCgYIKoZIzj0EAwIDSAAwRQIhANBObKYCkdIP+aUO
b7K0B7UbjEZYBjr8Pfnbg7ystInbAiAFAssNTHN4BcFxAWTGjMjpXcrvC7g8e0Hm
7p0fx8C5xw==
-----END CERTIFICATE-----
If I ask for a certificate, then I get EC ones (generted by --ovpn-ca-crt/---ovpn-ca-key parameters) and not the upstream RSA ones from riseup. --ovpn-ca-crt/key
are mandatory arguments.