Miscellaneous openVPN issues

From Notes_Wiki
Revision as of 11:24, 8 April 2014 by Saurabh (talk | contribs) (Created page with "<yambe:breadcrumb>Openvpn_server_configuration|Openvpn server configuration</yambe:breadcrumb> =Miscellaneous openvpn issues= ==Adding CRL (Certificate Revocation List) confi...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

<yambe:breadcrumb>Openvpn_server_configuration|Openvpn server configuration</yambe:breadcrumb>

Miscellaneous openvpn issues

Adding CRL (Certificate Revocation List) configuration to openvpn server

For CRL support use revoke option as specified in easy-rsa to generate CRL file. Then in server.conf use 'crl-verify <crl-file>' option



Inline certificate, keys and tls-auth configuration

If preferred then it is possible to specify CA certificate, client or server certificate, client or server key and tls-auth in the configuration file itself as follows:

           <ca>
           -----BEGIN CERTIFICATE-----
           [...]
           -----END CERTIFICATE-----
           </ca>

For other values use tags key, cert, dh, secret and tls-auth. Refer to 'man openvpn' for more information.



<yambe:breadcrumb>Openvpn_server_configuration|Openvpn server configuration</yambe:breadcrumb>