|
|
Just do the following: #. ./vars #./revoke-full then just move crl.pem from ~/keys to your openvpn dir crl-verify crl.pem should be in your server.conf file so the daemon will check for revoked certs -----Original Message----- From: Christian Fernandez <cfernandez@xxxxxxxxxxxxxxx> To: Christian Fernandez <cfernandez@xxxxxxxxxxxxxxx> Cc: openvpn-users@xxxxxxxxxxxxxxxxxxxxx Date: Wed, 02 Aug 2006 21:54:11 -0400 Subject: Re: [Openvpn-users] revocation > Bump! can someone take a look please? I have look all over google for a > FAQ of errors or things related to revocation > and for my surprise there is almost no documentation about it.. 10 > lines > in the howto and almost no mention anywhere... > and I need to reboke a kee before my boss start asking questions about > why this software is obscure and have another excuse to tell me that > OSS > is complicated when is not, is jsut sometimes we have to do things we > are not familiar, like in my case revocation, I can setup all types of > vpn's pptp, ipsec create and revoke there but in openvpn I can do > mostly > anything by now but never had to revoke under it so I am a noob in > issues related to it. and usually when things are not in production I > will test things and figure out in my own, but I cant just do that > here. > > > Christian Fernandez wrote: > > >I have a problem with revocation.. > >I am following the steps under: > >http://openvpn.net/howto.html#revoke > >and everything goes on till I go to look inside the keys folder for > the > >crl.pem > >there is one file but it have some old account I revoked or a key or > >something. > >this is the first time I try to revoke a key on openvpn > >Im using openvpn 2 under gentoo. > >OpenVPN 2.0.6 i686-pc-linux-gnu [SSL] [LZO] [EPOLL] built on Apr 7 > 2006 > > > >please help soon cause I need to revoke this key, > >PS: I dont understand why after revoking the key I have to add the > >crl.pm to the openvpn config so openvpn will check that list everytime > a > >user tryins to log in, if they file was already revoked with the > >revoke-full command. > >Thanks. > > > > > >---------------------------------------------------------------------- > --- > >Take Surveys. Earn Cash. Influence the Future of IT > >Join SourceForge.net's Techsay panel and you'll get the chance to > share your > >opinions on IT & business topics through brief surveys -- and earn > cash > >http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEV > DEV > > > >---------------------------------------------------------------------- > -- > > > >_______________________________________________ > >Openvpn-users mailing list > >Openvpn-users@xxxxxxxxxxxxxxxxxxxxx > >https://lists.sourceforge.net/lists/listinfo/openvpn-users > > > > > > ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |