Now it is time to upgrade the old certificates, both server and clients certs. But how to do it over the vpn without taking the system down or having to dispatch someone to each client? I was hoping to find someone's experience to follow. I've done a lot of searching for such, but no luck.
- Original ca, server and client certs were only 1024. So all will need to be re-done.
- I am good with scripting, and expect to use that to connect down the tunnels to push files and make changes.
- Possibly certificate stacking can be used to allow old and new certs to function on the server concurrently during the transition?
- I suspect i am not the only one in this predicament. Documenting this process may be of help to others also, and am willing to contribute by pulling this together.
If anyone can point me in the direction of existing HowTo's or can help layout a plan of action, i would greatly appreciate it!