So I was creating accounts for my users and my process would remove the client's crt file from the server after I had downloaded it and passed it on. I did this for security concerns and didn't realize I would need it for revocation.
Is there any way to manually revoke a client without the crt file? Going through the easyrsa script, it seems it's looking for that file.
I'm guessing if I manually edit the index.txt file won't do anything.
Thanks
Client revocation without the original CRT key
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 6
- Joined: Wed Oct 09, 2013 11:27 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Client revocation without the original CRT key
See --crl-verify crl ['dir']
You know where to look ..
You know where to look ..