I modified the following lines in openssl.cnf to look like this:

default_days   = 3650         # how long to certify for
default_crl_days= 3650         # how long before next CRL

Then regenerated the CRL:

openssl ca  -gencrl -keyfile keys/ca.key -cert keys/ca.crt  -out
keys/crl.pem -config ./openssl.cnf

Now with openvpn 2.4 the clients are connecting fine.

Regards,
Laszlo Kertesz

Reply via email to