[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

[Openvpn-users] Re: Temporarily disabling client certificates

  • Subject: [Openvpn-users] Re: Temporarily disabling client certificates
  • From: Charles Duffy <cduffy@xxxxxxxxxxx>
  • Date: Wed, 12 Jan 2005 16:51:11 -0600

On Wed, 12 Jan 2005 20:03:43 +0000, Nathan Wood wrote:

> Hi I'm running OPVN 2.0 rc6 and I'd like to set up an account that one
> of our vendors can use to tunnel in. However, I would feel more
> comfortable with this arrangement if I could have their cert disabled
> until they specifically request access. When they finish I'd like to
> disable it until they require access again.
> I would like to do this without having to send out the vendor new key
> pairs each time.
> Is there any way to do this in OpenVPN or OpenSSL?

I'd use a tls-verify script to blacklist clients which have valid
certificates but which aren't presently supposed to be able to connect.

The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Openvpn-users mailing list