This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
vpn-server [2023/09/12 19:49] – [Routing everything over the VPN] -change to "Routing all Traffic over the VPN" hogwild | vpn-server [2023/09/12 19:50] – [Adding certificate revocation lists] -capitalize heading hogwild | ||
---|---|---|---|
Line 402: | Line 402: | ||
- | ==== Adding | + | ==== Adding |
Within the CA, you can also revoke certificates as needed. Using your preferred CA management tool, you should be able to generate a Certificate Revocation List (CRL file). Adding this to the OpenVPN server should cause all client certificates to be checked against this revocation list. Clients which have their certificates listed in the CRL will not be able to connect. This is a common way to disable access to a VPN service on a per-user level. | Within the CA, you can also revoke certificates as needed. Using your preferred CA management tool, you should be able to generate a Certificate Revocation List (CRL file). Adding this to the OpenVPN server should cause all client certificates to be checked against this revocation list. Clients which have their certificates listed in the CRL will not be able to connect. This is a common way to disable access to a VPN service on a per-user level. |