kylemanna/docker-openvpn

Auto CRL check

Open

#101 opened on Jan 29, 2016

View on GitHub
 (20 comments) (0 reactions) (0 assignees)Shell (2,336 forks)batch import
bugenhancementhelp wanted

Repository metrics

Stars
 (8,506 stars)
PR merge metrics
 (No merged PRs in 30d)

Description

Hello, I try to revoke a client certificate using the commands shown in the documentation:

docker run --rm -i --volumes-from vpn -e "EASYRSA_BATCH=1" kylemanna/openvpn easyrsa revoke toto
docker run --rm -i --volumes-from vpn kylemanna/openvpn easyrsa gen-crl

The process seems to be ok, but when I try to connect to vpn with my revocated certificate, it works... The docker-openvpn logs:

Fri Jan 29 23:17:04 2016 172.17.0.1:41187 CRL CHECK OK: CN=blah
Fri Jan 29 23:17:04 2016 172.17.0.1:41187 VERIFY OK: depth=1, CN=blah
Fri Jan 29 23:17:04 2016 172.17.0.1:41187 CRL CHECK OK: CN=toto
Fri Jan 29 23:17:04 2016 172.17.0.1:41187 VERIFY OK: depth=0, CN=toto

Does this reaction normal ?

Contributor guide