Code: Select all
crl-verify crl.pemCan I do this? I am using a pki file structure and built my client certificates using
Code: Select all
./build-client-full markGenerate an empty crl.pem
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
markhorrocks
- OpenVpn Newbie
- Posts: 9
- Joined: Tue Jul 18, 2017 9:03 pm
Generate an empty crl.pem
Currently I don't want to revoke any users but I'd like to generate an empty crl.pem so I can add to my server.conf file now and not need to edit this file in the future and have to restart the openvpn server.
Can I do this? I am using a pki file structure and built my client certificates using.
Can I do this? I am using a pki file structure and built my client certificates using
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Generate an empty crl.pem
Code: Select all
$ ./easyrsa
Note: using Easy-RSA configuration from: ./vars
Easy-RSA 3 usage and overview
USAGE: easyrsa [options] COMMAND [command-options]
A list of commands is shown below. To get detailed usage and help for a
command, run:
./easyrsa help COMMAND
For a listing of options that can be supplied before the command, use:
./easyrsa help options
Here is the list of commands available with a short syntax reminder. Use the
'help' command above to get full usage details.
init-pki
build-ca [ cmd-opts ]
gen-dh
gen-req <filename_base> [ cmd-opts ]
sign-req <type> <filename_base>
build-client-full <filename_base> [ cmd-opts ]
build-server-full <filename_base> [ cmd-opts ]
revoke <filename_base>
* gen-crl
update-db
show-req <filename_base> [ cmd-opts ]
show-cert <filename_base> [ cmd-opts ]
import-req <request_file_path> <short_basename>
export-p7 <filename_base> [ cmd-opts ]
export-p12 <filename_base> [ cmd-opts ]
set-rsa-pass <filename_base> [ cmd-opts ]
set-ec-pass <filename_base> [ cmd-opts ]
DIRECTORY STATUS (commands would take effect on these locations)
EASYRSA: .
PKI: //${somewhere}/pki