[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Revoking certificates

  • Subject: Re: [Openvpn-users] Revoking certificates
  • From: Charles Duffy <cduffy@xxxxxxxxxxx>
  • Date: Mon, 24 Jul 2006 13:44:53 -0500

Chris Cameron wrote:
> I followed "Revoking Certificates" in the howto from the website. It
> looks like it works, I add:
> crl-verify /etc/openvpn/keys/crl.pem
> But restarting OpenVPN, it dies on:
> Jul 24 09:57:57 carp0 openvpn[29518]: CRL: cannot
> read: /etc/openvpn/keys/crl.pem: Permission denied (errno=13)
> crl.pem was permissioned rw by root, and read by everyone else. I
> changed this to rw by everyone but it still gives permission denied.

Are you using a chroot directive?

Is the keys directory +rx for nobody? (If you don't want it to be, and I 
wouldn't, then you might consider keeping the CRL outside of the keys 

OpenVPN mailing lists