Openvpn detecting Client certificate expiry

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
krishnamurthydv
OpenVpn Newbie
Posts: 1
Joined: Sat Jun 13, 2020 10:47 am

Openvpn detecting Client certificate expiry

Post by krishnamurthydv » Tue May 18, 2021 12:35 pm

Hi,
We are using openvpn 2.4.9 version in our control plane and data plane in userspace. We use x509 certificates at both client and server. I have a query regarding certificate expiry: Here is the scenario
1. Clients connect to server with valid certificate and connection comes up
2. But the Client cert is about to expire in next 1 hour.

So is there any option that can enable openvpn server to detect this cert expiry and disconnect the client?

Is there any error code that is sent to client to say that the certificate has expired?

In the experiments done with openvpn version we have, we did not see the server disconnecting at all.

Post Reply