hi mac, On Thu, Dec 25, 2008 at 5:09 PM, mac borje <[email protected]> wrote: > > and can I ask what is the proper procedure to unsubscribe the keys and > certificate so i can prevent it to connect on our system (for keys and > certificates that are no longer have authorization the connect from the > system) is simply deleting the key and certificate and delete the entry on > the txt file inventory (index,txt) and delete pem file aslo are the correct > procedure
you dont touch index.txt or any file. to revoke a ceritifcate, just use the easy-rsa script provided (revoke-full). it will invalidate the client certificate. the revoke-full script will generate new .crl file. upload it to your openvpn server. you have to have the "crl-verify" keyword in your config file. > > > thank you in advance > ~mac > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- edel _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
