OpenVPN Support Forum

Hello all,

I was inherited an environment that has an OpenVPN server that multiple clients connect to our backend. It currently has the following crl setting in the conf file:

crl-verify /path/to/dir dir

And in that /path/to/dir directory, there are empty files with numeric names, (e.g. 407, 2894, etc...). Its my understanding these number files represent serial numbers of certificates that are revoked.

My question is how do you find or view what the serial numbers of the certificates that my openvpn server trusts. I want to add to this crl revoke list. If the numeric files doesn't represent serial numbers of certificates, what are those numbers and what do they represent.

Thanks

tku703@gmail.com wrote: ↑

Sat Feb 22, 2020 3:02 pm

My question is how do you find or view what the serial numbers of the certificates that my openvpn server trusts

That would be the client certificates.

how do i find those serial numbers?

clientA = 407
clientB = 2894

How to find this info out?

is there a openssl command to run on the openvpn server to view all serial numbers of all certificates?

You don't seem to be getting this, you need the client certificate.

tku703@gmail.com wrote: ↑

Sat Feb 22, 2020 3:02 pm

I was inherited an environment that has an OpenVPN server that multiple clients connect to our backend

I suggest you contact whom-so-ever you inherited this from.

If all else fails then you can contact me privately: tincanteksup <at> gmail