Revoke OPEN VPN user certificate

1) Navigate to /etc/openvpn/easy-rsa

cd /etc/openvpn/easy-rsa

2) run . ./vars

. ./vars

3) revoke the certificate

./revoke-full CertificateName

4) Move crl.pem located in keys directory to the OpenVpn’s directory

mv /etc/openvpn/easy-rsa/keys/crl.pem /etc/openvpn/

5) make sure the certificate is revoked – check index.txt in keys, there should be a “R” in the first column right next to revoked certificate

nano /etc/openvpn/easy-rsa/keys/index.txt

6) restart or stop & start the OpenVPN server for immediate effect

/etc/init.d/openvpn stop

/etc/init.d/openvpn start