
Unrevoked certs unable to revoke again

Open Yatulchik opened this issue 2 years ago • 7 comments

Unrevoked certs are not deleted from the "revoked" directory, so a cert that was previously unrevoked cannot be revoked again. After a revoked cert is restored, it must be deleted from 3 directories: revoked/certs_by_serial, revoked/private_by_serial, revoked/reqs_by_serial.

If I manually delete the unrevoked cert from these 3 directories, it can be revoked again.

Yatulchik avatar Aug 10 '22 10:08 Yatulchik

which version are you using?

pashcovich avatar Aug 10 '22 10:08 pashcovich

10.08.2022 13:34, Ilya Sosnovsky wrote:

which version are you using?


prebuild 1.7.5

-- wbr, Alexandr S. Yatulchik mailto: @.***

Yatulchik avatar Aug 10 '22 10:08 Yatulchik

prebuild with custom setup configuration? which OS do you use? and what version of easy rsa?

and what does this error look like?

pashcovich avatar Aug 10 '22 10:08 pashcovich

10.08.2022 13:52, Ilya Sosnovsky wrote:

prebuild with custom setup configuration? which OS do you use? and what version of easy rsa?

Rocky Linux 8.6, installed and updated today.

OpenVPN was set up by the script https://github.com/Nyr/openvpn-install

ovpn-admin started with: ./ovpn-admin --easyrsa.path="/etc/openvpn/server/easy-rsa/" --easyrsa.index-path="/etc/openvpn/server/easy-rsa/pki/index.txt" --templates.clientconfig-path="/etc/openvpn/server/client.conf.tpl" --templates.ccd-path="/etc/openvpn/server/ccd.tpl" --ccd --ccd.path="/etc/openvpn/server/ccd" --ovpn.network="10.200.0.0/24"

Easy-RSA 3

-- wbr, Alexandr S. Yatulchik mailto: @.***

Yatulchik avatar Aug 10 '22 11:08 Yatulchik

hmm, very interesting. Right now we are using easyrsa v3.0.8, and the script you provided uses v3.1.0. We haven't tested this version yet; I see a lot of new features in it. We need to check this version, because right now it's just a warning when a file already exists in the target dir - like so

ovpn-admin_1  | time="2022-08-10T10:47:39Z" level=debug msg="Using configuration from /mnt/easyrsa/pki/easy-rsa-1191.OHZLaW/tmp.ZrMAOg\nRevoking Certificate 0E5F56145D64CBF2E4C09D11500A51E9.\nData Base Updated\nmv: '/mnt/easyrsa/pki/issued/wer.crt' and '/mnt/easyrsa/pki/revoked/certs_by_serial/0E5F56145D64CBF2E4C09D11500A51E9.crt' are the same file\nmv: '/mnt/easyrsa/pki/reqs/wer.req' and '/mnt/easyrsa/pki/revoked/reqs_by_serial/0E5F56145D64CBF2E4C09D11500A51E9.req' are the same file\nmv: '/mnt/easyrsa/pki/private/wer.key' and '/mnt/easyrsa/pki/revoked/private_by_serial/0E5F56145D64CBF2E4C09D11500A51E9.key' are the same file\nmv: '/mnt/easyrsa/pki/private/wer.key' and '/mnt/easyrsa/pki/revoked/private_by_serial/0E5F56145D64CBF2E4C09D11500A51E9.key' are the same file\nUsing configuration from /mnt/easyrsa/pki/easy-rsa-1230.vrf6w3/tmp.sHtsHe\n"

pashcovich avatar Aug 10 '22 11:08 pashcovich

10.08.2022 13:52, Ilya Sosnovsky wrote:

prebuild with custom setup configuration? which OS do you use? and what version of easy rsa?

and what does this error look like?


prebuild: https://github.com/flant/ovpn-admin/releases/download/1.7.5/ovpn-admin-linux-amd64.tar.gz

-- wbr, Alexandr S. Yatulchik mailto: @.***

Yatulchik avatar Oct 11 '22 07:10 Yatulchik
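The leftover state discussed in this thread can be listed without deleting anything. The script below is an added example, not code from ovpn-admin or Easy-RSA: it reads `index.txt` (the OpenSSL CA database, tab-separated, status in field 1 and serial in field 4) and prints files still present under `revoked/*_by_serial` for serials that are marked valid. The function names and the sample tree are assumptions; the second serial in the sample is constructed.

```shell
#!/bin/sh
# Added example: find files left under pki/revoked/*_by_serial for
# certificates that index.txt marks as valid (V) again.

# stale_revoked_files PKI_DIR -> prints one leftover path per line
stale_revoked_files() {
    pki=$1
    # Fields: status, expiry, revocation date, serial, filename, subject
    awk -F '\t' '$1 == "V" { print $4 }' "$pki/index.txt" |
    while IFS= read -r serial; do
        for pair in certs_by_serial:crt private_by_serial:key reqs_by_serial:req; do
            f="$pki/revoked/${pair%%:*}/$serial.${pair##*:}"
            if [ -e "$f" ]; then
                printf '%s\n' "$f"
            fi
        done
    done
}

# make_sample_pki -> prints the path of a constructed PKI tree (not real data)
make_sample_pki() {
    d=$(mktemp -d)
    mkdir -p "$d/revoked/certs_by_serial" "$d/revoked/private_by_serial" \
             "$d/revoked/reqs_by_serial"
    # Serial from the log in this thread, marked valid again (unrevoked)
    printf 'V\t320807104739Z\t\t%s\tunknown\t/CN=wer\n' \
        0E5F56145D64CBF2E4C09D11500A51E9 > "$d/index.txt"
    # Constructed serial that is still revoked; its files are expected to stay
    printf 'R\t320807104739Z\t220810104739Z\t%s\tunknown\t/CN=constructed\n' \
        00000000000000000000000000000002 >> "$d/index.txt"
    for s in 0E5F56145D64CBF2E4C09D11500A51E9 00000000000000000000000000000002; do
        : > "$d/revoked/certs_by_serial/$s.crt"
        : > "$d/revoked/private_by_serial/$s.key"
        : > "$d/revoked/reqs_by_serial/$s.req"
    done
    printf '%s\n' "$d"
}

# Demo run on the constructed tree
demo_dir=$(make_sample_pki)
stale_revoked_files "$demo_dir"
rm -rf "$demo_dir"
```

With the startup flags quoted in this thread, the directory to pass would be `/etc/openvpn/server/easy-rsa/pki`.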
