pfsense:certificates:revoke_certificate
This is an old revision of the document!
Table of Contents
PFSense - Certificates - Revoke Certificate
- Create a new revocation list from System → CertManager → CertificateRevocation.
- Add the certificates that you do not want to be active any more.
- Assign the new revocation list to the vpn server in my case VPN → OpenVPN → Servers.
You can easily choose your revocation list from the Peer Certificate Revocation list.
NOTE: Do not need to restart or refresh the change is immediately.
Create new Revocation List
Navigate to System → Cert Manager.
Select Certificate Revocation.
- Click Add or Import CRL.
In Create new Revocation List:
- Method: Create an Internal Certificate Revocation List..
- Descriptive name: ShareWiz OpenVPN - Revocation List.
- Certificate Authority: ShareWiz OpenVPN - CA. Select here a CA that is already created.
In Internal Certificate Revocation List:
- Lifetime (Days): 3650.
- Serial: 0. Default.
- Click Save.
Revocation List is shown as created
Add a user certificate to the Revocation List
Navigate to System → Cert.Manager → Certificate Revocation.
- Click the Pencil Icon to Edit CRL.
pfsense/certificates/revoke_certificate.1613670399.txt.gz · Last modified: 2021/02/18 17:46 by peter