OpenVPN - Renew CRL

    • OMV 4.x
    • Resolved

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • OpenVPN - Renew CRL

      In the last days I've lost the ability to connect to my OMV (4.1.20-1) trough OpenVPN (4.0.3)... and I didn't understand why, so I went looking for the log and ...

      -------------------------------------------------------------------------------------------------------------------------------
      Tue Mar 26 00:00:35 2019 XXX.63.25.XXX:61921 VERIFY ERROR: depth=0, error=CRL has expired: CN=...
      -------------------------------------------------------------------------------------------------------------------------------

      Checking the certificate with: "openssl crl -in /etc/openvpn/pki/crl.pem -text" I get:

      --------------------------------------------------------------------------
      Certificate Revocation List (CRL):
      Version 2 (0x1)
      Signature Algorithm: sha256WithRSAEncryption
      Issuer: /CN=ChangeMe
      Last Update: Sep 16 10:43:52 2018 GMT
      Next Update: Mar 15 10:43:52 2019 GMT
      CRL extensions:
      X509v3 Authority Key Identifier:
      --------------------------------------------------------------------------

      ?( My question is, what is the procedure to renew the certificate in OMV? ?(
    • rmms wrote:

      solved.... not by renew ... but ... it worked...

      1. Remove plugin openvpn
      2. delete the directory "/etc/openvpn/"
      3. install plugin openvpn
      4. configure plugin

      and it should work again...
      I found a way to renew the crl.pem without reinstall de plugin.

      Shell-Script

      1. cd /etc/openvpn
      2. /opt/EasyRSA-3.0.3/easyrsa gen-crl #Note: EasyRSA folder may variate between versions
      3. service openvpn restart
    • Users Online 1

      1 Guest