Question about revoke procedure
Posted: Mon Jul 13, 2020 5:43 am
Hi,
I have an OpenVPN server installed and running on FreeBSD.
FreeBSD version : 12.1
OpenVPN version : 2.4.8
The revoke process creates crl.pem, and I copy this file to a location where OpenVPN can access it.
Then, it is natural that the client PC that is the target of revoke cannot newly connect to the OpenVPN server.
However, the client PC that is not the target of revoke cannot newly connect to the OpenVPN server either.
There was a message "CRL: cannot read: crl.pem" in the log.
At this time, if the OpenVPN daemon is restarted, client PCs that are not the target of revoke can newly connect to the OpenVPN server.
Is this as expected?