← Back to branch summary

~ubuntu-branches/ubuntu/raring/openvpn/raring-proposed

« back to all changes in this revision

Viewing changes to easy-rsa/2.0/README

  • Committer: Bazaar Package Importer
  • Author(s): Alberto Gonzalez Iniesta
  • Date: 2006-04-05 12:17:26 UTC
  • mto: (1.3.3 upstream) (10.1.1 lenny)
  • mto: This revision was merged to the branch mainline in revision 6.
  • Revision ID: james.westby@ubuntu.com-20060405121726-btck979dumiwfrte
Tags: upstream-2.0.6
ImportĀ upstreamĀ versionĀ 2.0.6

Show diffs side-by-side

added added

removed removed

Lines of Context:
easy-rsa/2.0/README
47
47
* This release only affects the Linux/Unix version of easy-rsa.
48
48
  The Windows version (written to use the Windows shell) is unchanged.
49
49
 
 
50
* Use the revoke-full script to revoke a certificate, and generate
 
51
  (or update) the crl.pem file in the keys directory (as set by the
 
52
  vars script).  Then use "crl-verify crl.pem" in your OpenVPN server
 
53
  config file, so that OpenVPN can reject any connections coming from
 
54
  clients which present a revoked certificate.  Usage for the script is:
 
55
 
 
56
    revoke-full <common-name>
 
57
 
 
58
  Note this this procedure is primarily designed to revoke client
 
59
  certificates. You could theoretically use this method to revoke
 
60
  server certificates as well, but then you would need to propagate
 
61
  the crl.pem file to all clients as well, and have them include
 
62
  "crl-verify crl.pem" in their configuration files.
 
63
 
50
64
INSTALL easy-rsa
51
65
 
52
66
1. Edit vars.