Revoking a existing using cert making other cert disable too #25
Labels
Comments
|
Solved by myself adding : chown nobody:nogroup /etc/openvpn/crl.pem |
|
Was it on your side or is it a script's bug ? |
|
Apparently it is a script's bug #32 |
|
Hi. It turns out that when revoking a client, script manipulates a crl.pem file - and it gives it wrong permissions of being readable only by the owner. I added read permission for the group and others (as per dh.pem) and it went through. I noticed it after reading through a syslog and a line:
Perhaps the script needs setting the umask at some point? |
robiiinos
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I've found something by using your script. After adding one or many users with your scripts; when I try to revoke a existing user; it revoke him but also make all other cert unaivalable to use. Any other cert remaining on the current server are like "disabled" and even deleting all cert and re-making them one by one doesn't func...
[French]
Bonjour;
J'ai vu en utilisant ton script et après avoir ajouter plusieurs utilisateurs; que lorsqu'on en revoke un seul, tous les autres cert sont unitilsables... Plus aucun ne marche peut importe la configuration :(
Même en supprimant toutes les cert et en les re-créant; cela ne marche pas...
PS : J'attend impatiemment la màj pour OpenVPN 2.4.0 pour Debian et les DNS locaux 👍
The text was updated successfully, but these errors were encountered: