This recipe shows how to configure OpenVPN to use a Certificate Revocation List (CRL). It uses the CRL created in the previous recipe. This recipe is an extension of the recipe Routing: Masquerading in Chapter 2 in the sense that the server and client configuration files are almost identical.
Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. Generate the CRL using the previous recipe. For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.1. The client was running Fedora 12 Linux and OpenVPN 2.1.1. Keep the server configuration file basic-udp-server.conf
from the Chapter 2's recipe Server-side routing at hand.