From 610ccdbcfe69936cb3af7b2cdfdeaf7c1db62302 Mon Sep 17 00:00:00 2001
From: Paul Donald <newtwen+github@gmail.com>
Date: Tue, 10 Jun 2025 15:02:25 +0200
Subject: [PATCH] luci-proto-openfortivpn: make PEM key+CA optional

Fixes #7812

Some authentications schemes using username+password might already be
sufficient.

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
---
 .../htdocs/luci-static/resources/protocol/openfortivpn.js       | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js
index ae26aaa569..48718afc26 100644
--- a/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js
+++ b/protocols/luci-proto-openfortivpn/htdocs/luci-static/resources/protocol/openfortivpn.js
@@ -116,6 +116,7 @@ return network.registerProtocol('openfortivpn', {
 		};
 
 		o = s.taboption('general', form.TextValue, 'user_key', _('User key (PEM encoded)'));
+		o.optional = true;
 		o.rows = 10;
 		o.monospace = true;
 		o.validate = L.bind(validateCert, o, true);
@@ -128,6 +129,7 @@ return network.registerProtocol('openfortivpn', {
 		};
 
 		o = s.taboption('general', form.TextValue, 'ca_file', _('CA certificate (PEM encoded; Use instead of system-wide store to verify the gateway certificate.'));
+		o.optional = true;
 		o.rows = 10;
 		o.monospace = true;
 		o.validate = L.bind(validateCert, o, false);