You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be great to add user revocation and CRL management to it.
Otherwise people will still be able to connect to the VPN.
The ovpn_revokeclient CLI tool is already in place.
I guess we just have to add a revoke-user script and CRL secret.
I think the only downside is you'll need to restart the openvpn server instance to reprocess the CRL list.
We also need to add the --crl-verify option to the server config.
Perhaps it would make sense to enable this by default?
Even if the file is empty it will still allow connections
The text was updated successfully, but these errors were encountered:
It would be great to add user revocation and CRL management to it.
Otherwise people will still be able to connect to the VPN.
The
ovpn_revokeclient
CLI tool is already in place.I guess we just have to add a
revoke-user
script and CRL secret.I think the only downside is you'll need to restart the openvpn server instance to reprocess the CRL list.
We also need to add the
--crl-verify
option to the server config.Perhaps it would make sense to enable this by default?
Even if the file is empty it will still allow connections
The text was updated successfully, but these errors were encountered: