Sorry for the delay JJK
At the time of your reply, the way I get the clients certificate is from a
database which has all client certificates allowed to authenticate.
As you may already know, there is tls-export-cert directive from where you
get all the client chain certificates.
Jorge Peixoto
2011/12/6 Jan Just Keijser <janj...@nikhef.nl>
> Jorge Luiz Silva Peixoto wrote:
> > I have pass through this: I tried to used "--crl" e "--capath"
> > parameters without success. Now, I'm doing all my cerfitication checks
> > on tls-verify script running basically this command: openssl verify
> > -CApath /var/run/openvpn/capath -crl_check_all $CERT.
> just wondering: where do you get the contents of the client side
> certificate from?
> I've just updated my Errata page
> (http://www.nikhef.nl/~janjust/vpn/OpenVPN2-Cookbook/errata.html)
>
> with a script on how to check for revoked certificates using only the
> DN+ serial number.
>
> thx,
>
> JJK
>
>
>
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
