mirror of
https://github.com/namibia/openvpn-install.git
synced 2024-12-23 07:18:54 +00:00
Merge pull request #109 from jellemdekker/fix/expired-crl
Extended the expiration date of the certificate revocation list to 10 years
This commit is contained in:
commit
b61973516b
@ -137,7 +137,7 @@ if [[ -e /etc/openvpn/server.conf ]]; then
|
|||||||
CLIENT=$(tail -n +2 /etc/openvpn/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | sed -n "$CLIENTNUMBER"p)
|
CLIENT=$(tail -n +2 /etc/openvpn/easy-rsa/pki/index.txt | grep "^V" | cut -d '=' -f 2 | sed -n "$CLIENTNUMBER"p)
|
||||||
cd /etc/openvpn/easy-rsa/
|
cd /etc/openvpn/easy-rsa/
|
||||||
./easyrsa --batch revoke $CLIENT
|
./easyrsa --batch revoke $CLIENT
|
||||||
./easyrsa gen-crl
|
EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl
|
||||||
rm -rf pki/reqs/$CLIENT.req
|
rm -rf pki/reqs/$CLIENT.req
|
||||||
rm -rf pki/private/$CLIENT.key
|
rm -rf pki/private/$CLIENT.key
|
||||||
rm -rf pki/issued/$CLIENT.crt
|
rm -rf pki/issued/$CLIENT.crt
|
||||||
@ -418,7 +418,7 @@ WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
|
|||||||
openssl dhparam -out dh.pem $DH_KEY_SIZE
|
openssl dhparam -out dh.pem $DH_KEY_SIZE
|
||||||
./easyrsa build-server-full server nopass
|
./easyrsa build-server-full server nopass
|
||||||
./easyrsa build-client-full $CLIENT nopass
|
./easyrsa build-client-full $CLIENT nopass
|
||||||
./easyrsa gen-crl
|
EASYRSA_CRL_DAYS=3650 ./easyrsa gen-crl
|
||||||
# generate tls-auth key
|
# generate tls-auth key
|
||||||
openvpn --genkey --secret /etc/openvpn/tls-auth.key
|
openvpn --genkey --secret /etc/openvpn/tls-auth.key
|
||||||
# Move all the generated files
|
# Move all the generated files
|
||||||
|
Loading…
Reference in New Issue
Block a user