openvpn crl stuff

Get your crl.pem expir date:

openssl crl -text -noout -in crl.pem

Renew your crl.pem:

./easyrsa gen-crl

It seems there is no –days argument, crl.pem’s are valid for 180 days

You can change that value by tuning the easyrsa script: search for CRL_DAYS

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.