openvpn crl stuff
Get your crl.pem expir date: Renew your crl.pem: It seems there is no –days argument, crl.pem’s are valid for 180 days You can change that value by tuning the easyrsa script: search for CRL_DAYS
Tag: easyrsa
OpenBSD 7.1 + OpenVPN + Easy-RSA
uNdEr cOnStRuCtIoN What to tune: At first set EASYRSA to a defined path like set_var EASYRSA “/etc/openvpn/easy-rsa” or you will earn some errors. Then edit the EASYRSA_REQ_* section and add your values. Check the other stuff, tune it if you want. Theres btw no need to change the openssl-easyrsa.cnf and there’s no need (like in […]
OpenBSD // OpenVPN // EasyRSA || first steps
First of all: Read the fckn manual. Preparing the server # ./easyrsa init-pki # ./easyrsa build-ca nopass # ./easyrsa gen-req SERVERID nopass # ./easyrsa sign-req server SERVERID # ./easyrsa gen-crl # ./easyrsa gen-dh Preparing a client # ./easyrsa genreq CLIENTID # ./easyrsa sign-req client CLIENTID Revoking a client # ./easyrsa revoke CLIENTID # ./easyrsa gen-crl […]
bytes and bones 