[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Certificate problem


  • Subject: Re: [Openvpn-users] Certificate problem
  • From: Jon Bendtsen <jon.bendtsen@xxxxxxxxxx>
  • Date: Fri, 17 Dec 2004 19:18:53 +0100

Den 17. dec 2004, kl. 17:07, skrev Marc-Christian Petersen:

Hi all,

I've written a web based creation tool for certificates, revoking them,
deleting them etc. for my local users. Now if I delete a user, the
certificate must become revoked in /etc/ssl/index.txt and OpenVPN refuses to
initiate a connection if I have an updated crl.pem file.


So far so good. The problem now is that when I create a new user with the same
name, same common name etc. so that the index.txt entry is exactly the same I
have one entry which has status R and one which has status V. I think you
know what I mean now. The user with the old certificate is still able to
connect because of the same common name used.

i dont think so. I'm sure that the CRL uses the unique serial number and not
the common name.




JonB


____________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users