On Wed, 28 Sep 2022 10:40:07 -0400, Joe Patterson
wrote:
>On Wed, Sep 28, 2022 at 10:08 AM Bo Berglund wrote:
>>
>> I have been using OpenVPN for a rather long time now and I have realized that
>> there is a risk tat the server certificates may expire as well as the
>> clients.
>> The servers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Bo,
the imminent release of Easy-RSA version 3.1.1 has tools to
manage your PKI with relative ease.
https://github.com/OpenVPN/easy-rsa
Command `show-expire` will list your entire PKI, a subset of
it or an individual certificate, at your
On 27/09/2022 20:47, Jan Just Keijser wrote:
Hi,
On 27/09/22 15:29, Sebastian Arcus wrote:
On 26/09/2022 13:53, Jan Just Keijser wrote:
Hi,
On 26/09/22 13:49, Sebastian Arcus wrote:
[...]
Thank you for the extra suggestions. Please find below the output of
the nbtstat commands, with
Hello,
On Wed, Sep 28, 2022 at 1:10 PM Sebastian Arcus
wrote:
>
> On 27/09/2022 21:09, tincantech wrote:
> Some updates from today's testing:
>
> Test case 1
>
> Topology: subnet
> Adapter: WinTUN
> Netbios over TCP/IP: disabled or enabled
> Result: 300kbs (for both states of NetBIOS over
I have been using OpenVPN for a rather long time now and I have realized that
there is a risk tat the server certificates may expire as well as the clients.
The servers all run on Linux (Ubuntu server and Raspberry Pi) but clients are
both Linux and Windows and actually also some ASUS routers...
On Wed, 28 Sep 2022 16:03:11 +, tincantech via Openvpn-users
wrote:
>I can only presume that you have never heard of Easy-RSA before.
I have used easy-rsa version 2 since 2013 or so to create the client OVPN files
using a script that calls Easy-Rsa functions.
It accepts the Common Name as
Hi,
On Wed, Sep 28, 2022 at 11:18:41AM -0400, Bo Berglund wrote:
>
> -BEGIN CERTIFICATE-
> block of characters
> -END CERTIFICATE-
>
This is the client certificate (that the server will validate).
> I don't know what each of these crypto sections does and if they contain some
The general form of what you want to do is:
openssl x509 -in file.crt -noout -text | grep 'Not After'
If you use the same command against the client files with the embedded
crypto, it will give you the expiration date of the first certificate
block, which *might* be your client cert, or *might*
On 27/09/2022 21:09, tincantech wrote:
Hi,
Sent with Proton Mail secure email.
--- Original Message ---
On Thursday, September 22nd, 2022 at 19:25, tincantech
wrote:
--- Original Message ---
On Thursday, September 22nd, 2022 at 15:06, Sebastian Arcus
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
Sent with Proton Mail secure email.
--- Original Message ---
On Wednesday, September 28th, 2022 at 18:18, Bo Berglund
wrote:
> On Wed, 28 Sep 2022 16:03:11 +, tincantech via Openvpn-users
> openvpn-users@lists.sourceforge.net
Hi,
Could it have something to do with SMB Multichannel...?
Sent with [Proton Mail](https://proton.me/) secure email.
--- Original Message ---
On Wednesday, September 28th, 2022 at 19:37, Selva Nair
wrote:
> Hello,
>
> On Wed, Sep 28, 2022 at 1:10 PM Sebastian Arcus wrote:
>
>> On
On Wed, Sep 28, 2022 at 11:18:41 -0400, Bo Berglund wrote:
> On Wed, 28 Sep 2022 10:40:07 -0400, Joe Patterson
> wrote:
> >
> >grep -A 100 -F '' openvpn.conf | openssl x509 -in - -noout -text
> >| grep 'Not After'
> so my OVPN files are structured like this:
>
> client
> dev tun
>
>
On 28/09/2022 16:40, Joe Patterson wrote:
The general form of what you want to do is:
openssl x509 -in file.crt -noout -text | grep 'Not After'
An easier way; this checks if the certificate expires within the next 30 days:
$ openssl x509 -noout -checkend $((30*24*3600)) -in file.crt ||
13 matches
Mail list logo