The goal of this recipe is to give an insight into some of the internals of the OpenSSL CA commands. We will show how a certificate's status is changed from "Valid" to "Revoked", or "Expired".
Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. This recipe was performed on a computer running CentOS 6 Linux but it can easily be run on Windows or Mac OS.
opensslcommands, there are a few environment variables that need to be set. These variables are not set in the
varsfile by default:
$ cd /etc/openvpn/cookbook $ . ./vars $ export KEY_NAME= $ export OPENSSL_CONF=/etc/openvpn/cookbook/openssl-1.0.0.cnf ...