CRL file cannot be read by OpenVPN #7
Loading…
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Because OpenVPN is running as "nobody:nogroup" and the CRL file must be reread at each client connection, the CRL file must be readable by everyone.
We should either change the shellpki folder and crl file permissions :
Or move the CRL file to another location.
Otherwise, the CRL file has no effect and a revoked client will still be able to connect.
Fixed by
30ef252ff5