To remove the openVPN user, the certificate of the user must be revoked. Deleting the certificate will NOT work and user will still have access to the openVPN. Ensure the cert and private key is inside before you proceed. Copy from the client if you do not have the cert and private key.
Your cert file should look like this:
username.crt username.key
cd to the root folder of your easy-rsa 2.0:
cd /etc/openvpn/easy-rsa/2.0/
Run the command below to revoke the certificate for the user:
./revoke-full username
Add the below line to your server.conf if it doesn't exist:
vi /etc/openvpn/server.conf crl-verify /etc/openvpn/keys/crl.pem
Restart the openVPN:
systemctl restart openvpn@server
Leave a Reply