  1. #1

    Revoking access to a user in OpenVPN?


    I just set up an OpenVPN server following the official Debian Wiki instructions for OpenVPN.

    I would like to know if there's a way to revoke access to a specific user. Let's say I issue user1.crt and user2.crt (along with their corresponding .key files, of course). If user2 loses his certificate and key, or they get stolen, user2 could potentially compromise the security of the OpenVPN LAN. Therefore, would it be possible to revoke the current certificate for user2 and then reissue a new one for him? This way, the attacker would only have the old version of the files, and the server would not allow the attacker to enter the server.

    I would rather not use password-based encryption for these .key files, but just like with PGP keys, revoke them and render them 100% useless without having to revoke all OpenVPN keys for all clients and the server itself.


  2. #2
    Look into the crl-verify server option.

  3. #3
    Or you can invalidate or revoke the certificate see h t t p:// and h t t p://
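
What `crl-verify` checks, as an added example that is not part of the thread: a throwaway CA built with the `openssl` CLI issues user1 and user2, revokes user2's lost certificate, reissues a new one and publishes a CRL. The CA name, file names and `ca.cnf` contents are constructed for the demo; on a real server the revoke and CRL steps run against the CA that signed the client certificates.

```shell
# Constructed demo: throwaway CA in a temp dir; every name below is made up.
ca_cmd() { openssl ca -config ca.cnf -cert ca.crt -keyfile ca.key -batch "$@" 2>/dev/null; }

issue() {  # issue <common-name> <file-prefix>: new unencrypted key + CA-signed cert
  openssl req -config ca.cnf -new -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
  ca_cmd -notext -in "$2.csr" -out "$2.crt"
}

check() {  # same decision a CRL-checking server makes: valid chain AND not on the CRL
  if openssl verify -CAfile ca.crt -CRLfile crl.pem -crl_check "$1.crt" >/dev/null 2>&1
  then echo accepted; else echo rejected; fi
}

crl_demo() (
  d=$(mktemp -d) && cd "$d" || exit 1
  trap 'rm -rf "$d"' EXIT
  cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
CN = Common Name
[ v3_ca ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[ ca ]
default_ca = demo
[ demo ]
database = index.txt
new_certs_dir = .
serial = serial
default_md = sha256
default_days = 30
default_crl_days = 30
policy = pol
[ pol ]
commonName = supplied
EOF
  : > index.txt; echo 01 > serial
  openssl req -config ca.cnf -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=Demo VPN CA" -keyout ca.key -out ca.crt 2>/dev/null || exit 1
  issue user1 user1 && issue user2 user2-old || exit 1
  ca_cmd -revoke user2-old.crt || exit 1   # mark the lost certificate revoked in index.txt
  issue user2 user2-new || exit 1          # reissue to the same user under a fresh key
  ca_cmd -gencrl -out crl.pem || exit 1    # the file the server's crl-verify points at
  echo "user1=$(check user1) user2-old=$(check user2-old) user2-new=$(check user2-new)"
)
crl_demo
```

On the OpenVPN server, `crl-verify` is given the path to the generated `crl.pem`. Regenerate the CRL after every revocation and before its next-update date (30 days in this demo).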
