> Just tested here and I got no error: > > 2023-11-28 15:01:34 us=767852 OpenVPN 2.7_git [git:master/a1cb1b47b138b9f6] > x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] > [DCO] built on Nov 28 2023 > 2023-11-28 15:01:34 us=767885 library versions: OpenSSL 3.0.11 19 Sep 2023, > LZO 2.10 > 2023-11-28 15:01:34 us=767922 DCO version: N/A > 2023-11-28 15:01:34 us=767987 WARNING: --keepalive option is missing from > server config > 2023-11-28 15:01:34 us=768002 net_route_v4_best_gw query: dst 0.0.0.0 > 2023-11-28 15:01:34 us=768098 net_route_v4_best_gw result: via 0.0.0.0 dev > 2023-11-28 15:01:34 us=770152 Diffie-Hellman initialized with 2048 bit key > 2023-11-28 15:01:34 us=772370 CRL: loaded 1 CRLs from file /home/ordex/2e.crl > > Are you sure that you are not loading yet something else along with this CRL? > Like you verified, this CRL seems fine.
How would I do that? I sent you exactly the same file that I have as a parameter to crl-verify and nowhere else. Where else could I be loading “something else”? > > And my command line is as simple as: > > openvpn --server 10.10.0.0 255.255.255.0 --dev tun --topology subnet --ca > ../../test-pki/pki/ca.crt --cert ../../test-pki/pki/issued/server.crt --key > ../../test-pki/pki/private/server.key --verb 4 --dh ../../test-pki/pki/dh.pem > --crl-verify /home/ordex/2e.crl > > EXTRA NOTE: I tested master *and* v2.6.3 with the same result. Have you tried connecting? I get this error only on client connect. _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
