Unrevoking certificate under Windows
Posted: Mon Mar 06, 2017 1:47 pm
Hi,
I'm using OpenVPN on Windows server 2012 and all seem to work fine. For testing purposes, I revoked a client certificate by doing:
and adding a
to the server config file.
This also worked fine, except, I need to unrevoke the certificate now and I can't get that to work. To unrevoke this certificate I editted the index.txt file and changed the R of the specific certificate to V. Further more, and here's where it fails, I'm trying the command:
But this gives me the following error:
I suspect this is the culprit: "WARNING: can't open config file: /etc/ssl/openssl.cnf". How do I make the openssl command to look for the right folder instead of "/etc/ssl/openssl.cnf" ? Because that looks like a Linux location to me. Or if that has nothing to do with my issues, how can I unrevoke a client certificate on OpenVPN for Windows?
Thanks in advance.
I'm using OpenVPN on Windows server 2012 and all seem to work fine. For testing purposes, I revoked a client certificate by doing:
Code: Select all
revoke-full mylaptop
Code: Select all
crl-verify "<location>\\crl.pem"
This also worked fine, except, I need to unrevoke the certificate now and I can't get that to work. To unrevoke this certificate I editted the index.txt file and changed the R of the specific certificate to V. Further more, and here's where it fails, I'm trying the command:
Code: Select all
openssl ca -gencrl -out "crl.pem" -config "$KEY_CONFIG"
Code: Select all
C:\Program Files\OpenVPN\easy-rsa\keys>openssl ca -gencrl -out "crl.pem" -config
"$KEY_CONFIG"
WARNING: can't open config file: /etc/ssl/openssl.cnf
Using configuration from $KEY_CONFIG
error loading the config file '$KEY_CONFIG'
10316:error:02001002:system library:fopen:No such file or directory:bss_file.c:1
75:fopen('$KEY_CONFIG','rb')
10316:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:182:
10316:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.
c:195:
Thanks in advance.