openvpn list all active certificates

Solution 1:

If you're using easy-rsa, check the index.txt file in the keys folder. It should contain a list of all the issued certificates and their subjects (including CN); valid certificates start with a V and revoked ones start with an R.
The current connections are listed in the status file (in my case, openvpn-status.log in the openvpn folder).

Solution 2:

You can get a list of current connections to the OpenVPN server either by using the status command over the management interface (see http://openvpn.net/index.php/open-source/documentation/miscellaneous/79-management-interface.html), or by looking at the status file which is specified using the status line in the config files (see http://openvpn.net/index.php/open-source/documentation/howto.html#server).

If you want to know who can connect to the OpenVPN server its a bit harder. OpenVPN will let anyone in whose certificate contains a signature generated with the CA key the server is configured to use. If you are using a third party PKI infrastructure they should have records of the certificates they have issued. If you are using the easy-rsa stuff then the certs should all be in that directory.

Solution 3:

You can simply do that in this way:

# cd /etc/openvpn/easy-rsa/2.0/keys/
# cat index.txt | grep ^V | awk -F "/" '{print $7, $8}'

Lines in index.txt starts with V if the certificate is valid.

Result should looks like this:

CN=guest name=changeme