renew clint certificates

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
fme
OpenVpn Newbie
Posts: 2
Joined: Fri Oct 22, 2021 8:44 am

renew clint certificates

Post by fme » Fri Oct 22, 2021 1:41 pm

Hello,

I've few questions.

What is the proper way to renew expiring client certificates with the same cn?
Can the old certificate used until its end, or is the old cert revoked, if the new one is created?

When is the index.txt updated (setting the status from V to E)? (Or was this a TinyCA GUI related stuff?)

I'm also trying to renew all client certificates because I changed the key length.

I hoped that I could simply set a future enddate in the index.txt so that people can still use the old certificate until they have exchanged it. That didn `t work. Is there a trick or did I do something wrong?

Thanks

Frank

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: renew clint certificates

Post by TinCanTech » Fri Oct 22, 2021 1:49 pm

fme wrote:
Fri Oct 22, 2021 1:41 pm
What is the proper way to renew expiring client certificates with the same cn?
Use Easy-RSA 'renew'
https://github.com/OpenVPN/easy-rsa

fme
OpenVpn Newbie
Posts: 2
Joined: Fri Oct 22, 2021 8:44 am

Re: renew clint certificates

Post by fme » Mon Oct 25, 2021 8:01 am

Thanks for your answer, but we want to user plain openssl for our scripts

Frank

Post Reply