« previous next »
Pages: [1]

Author Topic: [solved] CRL check failed  (Read 2156 times)

weiliang

  • Zen Apprentice
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
[solved] CRL check failed
« on: May 24, 2013, 06:07:09 am »
I accidentally revoked one of my certificate. After that no client can connect to my vpn server, the log said : CRL CHECK FAILED: /O=cpu/CN=vpn-mdncpu is REVOKED

So I tried to renew the certificate, but the error still the same,

then  I tried to create new certificate with name vpn-mdncpu-new and change the certificate at the server setting and re-upload the new package to client, why the error still the same? vpn-mdncpu is REVOKED, I thought I'm using the new cert : vpn-mdncpu-new
« Last Edit: May 27, 2013, 06:41:45 am by weiliang »
Logged

weiliang

  • Zen Apprentice
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: CRL check failed
« Reply #1 on: May 24, 2013, 06:18:15 am »
I saw in this thread http://forum.zentyal.org/index.php?topic=4185.0 that revoked cert cannot be removed permanently. So what if there is a special situation like this? at least tell me which files should I edit or remove to clear the CRL list. Thanks.

EDIT: found them at /var/lib/zentyal/CA
« Last Edit: May 27, 2013, 06:42:51 am by weiliang »
Logged
Pages: [1]
« previous next »