O'Reilly logo

OpenVPN Cookbook - Second Edition by Jan Just Keijser

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Checking expired/revoked certificates

The goal of this recipe is to give an insight into some of the internals of the OpenSSL CA commands. We will show how a certificate's status is changed from "Valid" to "Revoked", or "Expired".

Getting ready

Set up the client and server certificates using the first recipe from Chapter 2Client-server IP-only Networks. This recipe was performed on a computer running CentOS 6 Linux but it can easily be run on Windows or Mac OS.

How to do it...

  1. Before we can use plain openssl commands, there are a few environment variables that need to be set. These variables are not set in the vars file by default:
    $ cd /etc/openvpn/cookbook
    $ . ./vars
    $ export KEY_NAME=
    $ export OPENSSL_CONF=/etc/openvpn/cookbook/openssl-1.0.0.cnf ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required