[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Delete certificates

  • Subject: Re: [Openvpn-users] Delete certificates
  • From: Leonardo Rodrigues Magalhães <leolistas@xxxxxxxxxxxxxx>
  • Date: Mon, 04 Jun 2007 20:16:48 -0300

Lars Bonnesen escreveu:
> But... Doing so, I am not allowed to connect even with certificates 
> not being revoked. I get a:
> CRL: cannot read: ...... : Permission denied.
> The file is there, tried to grant all access to the file, but no 
> change...

    Yeah .... you're having permission problems on the file.

    Please note that OpenVPN starts as root, read all the key (CA, 
server, etc) as root and then drop privileges to the desired user. In 
your case, nobody.

    The CRL file is the only key file that is read again in each 
connection. So, it must be readable to the low-privilege user you choose.

    The error you're having simply indicates that OpenVPN is not being 
able to read the file.

    Fix the permissions problem. Check file permissions as well as 
directory permissions.

    When OpenVPN is able to read crl.pem file, you'll get things working 
the desired way.


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia

	Minha armadilha de SPAM, NÃO mandem email
	My SPAMTRAP, do not email it

Openvpn-users mailing list