This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
content:en_us:7_ug_openvpn [2020/03/24 10:15] 84.9.57.48 |
content:en_us:7_ug_openvpn [2020/03/25 08:16] 84.9.57.48 |
||
---|---|---|---|
Line 128: | Line 128: | ||
Currently this is a manual process. Start by initialising the file /etc/pki/CA/crlnumber:<code>echo 1000 > /etc/pki/CA/crlnumber</code> | Currently this is a manual process. Start by initialising the file /etc/pki/CA/crlnumber:<code>echo 1000 > /etc/pki/CA/crlnumber</code> | ||
Create a file in /etc/cron.monthly. I used /etc/cron.monthly/openssl_crl. In it put:<code>openssl ca -gencrl -crldays 45 -config /usr/clearos/apps/certificate_manager/deploy/openssl.cnf \ | Create a file in /etc/cron.monthly. I used /etc/cron.monthly/openssl_crl. In it put:<code>openssl ca -gencrl -crldays 45 -config /usr/clearos/apps/certificate_manager/deploy/openssl.cnf \ | ||
- | -out /etc/pki/CA/crl/crl.pem | + | -out /etc/pki/CA/crl/crl.pem \ |
- | -keyfile /etc/pki/CA/private/ca-key.pem | + | -keyfile /etc/pki/CA/private/ca-key.pem \ |
-cert /etc/pki/CA/ca-cert.pem > /dev/null 2>&1</code>And make the file executable:<code>chmod 0744 /etc/cron.monthly/openssl_crl</code>Then execute the file:<code>/etc/cron.monthly/openssl_crl</code>You should now find you have a file /etc/pki/CA/crl/crl.pem. | -cert /etc/pki/CA/ca-cert.pem > /dev/null 2>&1</code>And make the file executable:<code>chmod 0744 /etc/cron.monthly/openssl_crl</code>Then execute the file:<code>/etc/cron.monthly/openssl_crl</code>You should now find you have a file /etc/pki/CA/crl/crl.pem. | ||