CRL Storage Location

Started by leacho73, December 15, 2021, 01:04:41 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 15, 2021, 01:04:41 PM
Hi All,

Does anyone know where the CRL's are stored in OpnSense once written to the file system, and is it possible to manually copy a new version over when an external CRL has been updated?

I have an external CA which generates and revokes certs via a number of scripts, and I would like to update the CRL every time that the external CA does by SCP'ing a new CRL file over to my OpnSense server.

Thanks
Leacho
December 15, 2021, 01:14:38 PM #1
The CRL implementation is internal and needs to be managed from the box as the system will generate a CRL based on what it knows, not what a CRL already compiled from somewhere else might contain.

The feature is really only used for a local CA giving out certificates for OpenVPN.


Cheers,
Franco
December 15, 2021, 03:37:45 PM #2
Thanks @Franco - That could work actually

Do you know if there is a way via API or other method to automate the user creation and deletion for OpenVPN out of interest?

Cheers
Leacho
Print
Go Up Pages1
User actions