Profile Details

Toggle Sidebar
Recent updates
  • Thank you very much for your answer. I read it right away, it turned out only now. In the coming days I’ll try, I will write the result.

  • Thank you very much for your answer. I read it right away, it turned out only now. In the coming days I’ll try, I will write the result.

  • I've been having a look and using this, this, this and this. So to greate a CRL do:Note the default clrdays is 30. The recommendation is to regenerate the file every 30 days. The easiest way to do that is to set the crldays to something like 45 and put the line in a configlet in /etc/cron.monthly, remembering to make it executable. Also add " > /dev/null 2>&1" to the end of the openssl command to quieten the output. Otherwise you can be lazy and set it to a high number like 3650 days. You have to regenerate the file every time you revoke a certificate or batch of certificates.

    Then to revoke a certificate, e.g the one for user "test1" do:Now you have a certificate revoked and it exists in the crl.pem file. You can check withThe serial number can be cross-referenced against the number in /etc/pki/CA/index.txt.

    In /etc/openvpn/clients.conf, then add a line:And restart OpenVPN. You should now have a functioning CRL.

    If you want to test, I suggest you make a backup of the whole /etc/pki/CA folder and restore it after your testing. Revoking a certificate seems to update /etc/pki/CA/index.txt and regenerating the crl.pem also updates /etc/pki/CA/crlnumber but there may be more changes than that.

  • How to revoke user certificates OpenVPN?

    Hello everybody! I am from Kazakhstan, I am not very fluent in English, I write through a Google translator, and I apologize for any possible errors. I have a server on the Сlear OS 7 configured by the gateway. An OpenVPN server has been installed and configured, over time, there have become a lot of users, and some leave, therefore it is necessary to revoke their certificates. Please tell me how to revoke the certificate of open VPN client on the Сlear OS 7 server. Thank you very much in advance for your reply!

  • How to revoke user certificates OpenVPN?

    Hello everybody! I am from Kazakhstan, I am not very fluent in English, I write through a Google translator, and I apologize for any possible errors. I have a server on the Сlear OS 7 configured by the gateway. An OpenVPN server has been installed and configured, over time, there have become a lot of users, and some leave, therefore it is necessary to revoke their certificates. Please tell me how to revoke the certificate of open VPN client on the Сlear OS 7 server. Thank you very much in advance for your reply!

  • Yevgeniy Savgira
    Yevgeniy Savgira unlocked the badge Newbie
    Newbie
    Congrats on registering on the site!
  • Yevgeniy Savgira
    Yevgeniy Savgira just registered on the site