Revoking a user without a .crt

Posted: Wed Jul 06, 2022 12:27 pm
by macaodh
Hi folks

I've come into possession of an OpenVPN server which needs quite a bit of tending to. One of the issues is that they've been deleting the .crt files from old users as a way to block access - untested of course... As it didn't work...

Is there a way of regenerating the certs or revoking access without the .crt file perchance?

[xxx]# ./easyrsa revoke yyy

Easy-RSA error:

Unable to revoke as the input file is not a valid certificate. Unexpected
input in file: /etc/openvpn/easy-rsa/pki/issued/yyy.crt

Re: Revoking a user without a .crt

Posted: Wed Jul 06, 2022 12:58 pm
by TinCanTech
macaodh wrote:
Wed Jul 06, 2022 12:27 pm
Is there a way of regenerating the certs or revoking access without the .crt file perchance?
My mind boggles .. in a word "no".

Please see:
viewtopic.php?t=22603

Re: Revoking a user without a .crt

Posted: Wed Jul 06, 2022 9:09 pm
by macaodh
Ah.. well thank you regardless. I'll have to think of another way.

Re: Revoking a user without a .crt

Posted: Thu Jul 07, 2022 12:13 am
by TinCanTech
You can capture the client certificate at the server with --tls-export-cert
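
The capture suggested in the last post, sketched as a `--tls-verify` hook. This is an added example, not code from the thread or from the OpenVPN project. It relies on the `peer_cert`, `X509_0_CN` and `tls_serial_0` environment variables that OpenVPN sets for the hook; the directory and script paths are assumptions.

```shell
#!/bin/sh
# Added example: tls-verify hook that keeps a copy of each client certificate
# that OpenVPN exports via --tls-export-cert. Constructed server config lines
# (paths are assumptions):
#   script-security 2
#   tls-export-cert /run/openvpn/export
#   tls-verify /etc/openvpn/capture-cert.sh
CAPTURE_DIR="${CAPTURE_DIR:-/etc/openvpn/captured-certs}"   # assumed location

capture_peer_cert() {
    depth="$1"
    # Depth 0 is the client's own certificate; higher depths are CA certs.
    [ "$depth" = "0" ] || return 0
    # peer_cert is set by OpenVPN to the temporary exported file.
    [ -n "${peer_cert:-}" ] && [ -r "$peer_cert" ] || return 0
    # X509_0_CN and tls_serial_0 are set by OpenVPN; replace anything that is
    # not a safe file-name character so a hostile CN cannot escape CAPTURE_DIR.
    cn=$(printf '%s' "${X509_0_CN:-unknown}" | tr -c 'A-Za-z0-9_.-' '_')
    serial=$(printf '%s' "${tls_serial_0:-noserial}" | tr -c 'A-Za-z0-9' '_')
    dest="$CAPTURE_DIR/${cn}_${serial}.crt"
    mkdir -p "$CAPTURE_DIR" || return 0
    # Keep the first copy only; the temporary file is deleted when we return.
    [ -e "$dest" ] || cp "$peer_cert" "$dest" 2>/dev/null || true
    return 0    # never change the authentication result
}

# OpenVPN calls the hook as: <script> <depth> <subject>
capture_peer_cert "$@"
```

Each file saved this way is the certificate the client actually presented on connect, named by its common name and serial number.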