Page 1 of 1
Generate an empty crl.pem
Posted: Mon Nov 27, 2017 7:10 pm
by markhorrocks
Currently I don't want to revoke any users but I'd like to generate an empty crl.pem so I can add
to my server.conf file now and not need to edit this file in the future and have to restart the openvpn server.
Can I do this? I am using a pki file structure and built my client certificates using
.
Re: Generate an empty crl.pem
Posted: Mon Nov 27, 2017 7:18 pm
by TinCanTech
Code: Select all
$ ./easyrsa
Note: using Easy-RSA configuration from: ./vars
Easy-RSA 3 usage and overview
USAGE: easyrsa [options] COMMAND [command-options]
A list of commands is shown below. To get detailed usage and help for a
command, run:
./easyrsa help COMMAND
For a listing of options that can be supplied before the command, use:
./easyrsa help options
Here is the list of commands available with a short syntax reminder. Use the
'help' command above to get full usage details.
init-pki
build-ca [ cmd-opts ]
gen-dh
gen-req <filename_base> [ cmd-opts ]
sign-req <type> <filename_base>
build-client-full <filename_base> [ cmd-opts ]
build-server-full <filename_base> [ cmd-opts ]
revoke <filename_base>
* gen-crl
update-db
show-req <filename_base> [ cmd-opts ]
show-cert <filename_base> [ cmd-opts ]
import-req <request_file_path> <short_basename>
export-p7 <filename_base> [ cmd-opts ]
export-p12 <filename_base> [ cmd-opts ]
set-rsa-pass <filename_base> [ cmd-opts ]
set-ec-pass <filename_base> [ cmd-opts ]
DIRECTORY STATUS (commands would take effect on these locations)
EASYRSA: .
PKI: //${somewhere}/pki