Menu
▾
▴
Re: [Openvpn-users] error: "CRL cannot read CRL from file <file>"
|
From: Stefano B. <st...@pr...> - 2004-02-10 09:34:42
|
On Mon, Feb 09, 2004 at 10:49:59AM +0000, Lumir Unzeitig wrote: > Hi, > > please, describe me the right CRL file format. > > > > I've red it should be PEM format. > > I put there both certificate with the ascii header (validity info,...) and only > > the certificate (the file with ----BEGIN CERTICATE---- <key portion> ----- END > > CERTIFICATE -----) but both are probably wrong. > > When I tried to connect I got the error in log file CRL: cannot read CRL from > > file <crl file>. You should generate a valid crl file: stefano@achille /mnt/storage/servizi/ict/sslCA# openssl ca -gencrl -out crl.pem Using configuration from /etc/ssl/openssl.cnf Enter pass phrase for ./demoCA/private/cakey.pem: root@achille /mnt/storage/servizi/ict/sslCA# ... mars:/home/stefano/snapshots/openvpn/test # cat crl.pem -----BEGIN X509 CRL----- MIIB4zCBzDANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMCSVQxDjAMBgNVBAgT ... xYBRogWXpA== -----END X509 CRL----- Try this! Regards, Stefano. |
