CRL dir??

[tku703@gmail.com]

Hello all,

I was inherited an environment that has an OpenVPN server that multiple clients connect to our backend. It currently has the following crl setting in the conf file:

crl-verify /path/to/dir dir

And in that /path/to/dir directory, there are empty files with numeric names, (e.g. 407, 2894, etc...). Its my understanding these number files represent serial numbers of certificates that are revoked.

My question is how do you find or view what the serial numbers of the certificates that my openvpn server trusts. I want to add to this crl revoke list. If the numeric files doesn't represent serial numbers of certificates, what are those numbers and what do they represent.

Thanks

[TinCanTech]

My question is how do you find or view what the serial numbers of the certificates that my openvpn server trusts

That would be the client certificates.

[tku703@gmail.com]

how do i find those serial numbers?

clientA = 407
clientB = 2894

How to find this info out?

[TinCanTech]

My question is how do you find or view what the serial numbers of the certificates that my openvpn server trusts

That would be the client certificates.

[tku703@gmail.com]

is there a openssl command to run on the openvpn server to view all serial numbers of all certificates?

[TinCanTech]

You don't seem to be getting this, you need the client certificate.

I was inherited an environment that has an OpenVPN server that multiple clients connect to our backend

I suggest you contact whom-so-ever you inherited this from.

If all else fails then you can contact me privately: tincanteksup <at> gmail