Trac #522 Signed-off-by: Gert Doering <g...@greenie.muc.de> --- doc/openvpn.8 | 5 +++++ 1 file changed, 5 insertions(+)
diff --git a/doc/openvpn.8 b/doc/openvpn.8 index 587b769..24f05bb 100644 --- a/doc/openvpn.8 +++ b/doc/openvpn.8 @@ -5068,6 +5068,11 @@ is a directory containing files named as revoked serial numbers requests a connection, where the client certificate serial number (decimal string) is the name of a file present in the directory, it will be rejected. + +Note: As the crl file (or directory) is read every time a peer connects, +if you are dropping root privileges with +.B --user, +make sure that this user has sufficient privileges to read the file. .\"********************************************************* .SS SSL Library information: .\"********************************************************* -- 2.0.5
