Welcome to Halil Demirezen's Tips Page

LinuxNetworkComputer VisionDatabasesProgrammingvmware

VPN: OpenVPN client-to-client CRL has expired; [easy-rsa 3] 2019-03-22 09:34:56

If you get "VERIFY ERROR: depth=0, error=CRL has expired: CN=windowsClient" error in your openvpn.log file while at the same time non of your clients can connect to the vpn server, follow the command below:

cd /etc/openvpn

/usr/share/easy-rsa/3/easyrsa gen-crl

cp /etc/openvpn/pki/crl.pem /etc/openvpn/

systemctl restart openvpn@server

This will fix the issue.