thank you edel, where can I put the generated .crl file on what folder, inside openvpn or inside openvpn/easy-rsa/ ?
~mac On Fri, Dec 26, 2008 at 1:53 PM, Edel SM <[email protected]> wrote: > hi mac, > > On Thu, Dec 25, 2008 at 5:09 PM, mac borje <[email protected]> wrote: > > > > and can I ask what is the proper procedure to unsubscribe the keys and > > certificate so i can prevent it to connect on our system (for keys and > > certificates that are no longer have authorization the connect from the > > system) is simply deleting the key and certificate and delete the entry > on > > the txt file inventory (index,txt) and delete pem file aslo are the > correct > > procedure > > you dont touch index.txt or any file. to revoke a ceritifcate, just > use the easy-rsa script provided (revoke-full). it will invalidate the > client certificate. the revoke-full script will generate new .crl > file. upload it to your openvpn server. you have to have the > "crl-verify" keyword in your config file. > > > > > > > thank you in advance > > ~mac > > > > _________________________________________________ > > Philippine Linux Users' Group (PLUG) Mailing List > > http://lists.linux.org.ph/mailman/listinfo/plug > > Searchable Archives: http://archives.free.net.ph > > > > > > -- > edel > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph >
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
