Den 17. dec 2004, kl. 17:07, skrev Marc-Christian Petersen:
I've written a web based creation tool for certificates, revoking them,
deleting them etc. for my local users. Now if I delete a user, the
certificate must become revoked in /etc/ssl/index.txt and OpenVPN
initiate a connection if I have an updated crl.pem file.
So far so good. The problem now is that when I create a new user with
name, same common name etc. so that the index.txt entry is exactly the
have one entry which has status R and one which has status V. I think
know what I mean now. The user with the old certificate is still able
connect because of the same common name used.
i dont think so. I'm sure that the CRL uses the unique serial number
the common name.
Openvpn-users mailing list