CA expired - seeking how avoiding connect to each client

Scripts to manage certificates or generate config files
Post Reply
rmorgade
OpenVpn Newbie
Posts: 1
Joined: Mon Jan 21, 2019 2:35 pm

CA expired - seeking how avoiding connect to each client

Post by rmorgade » Mon Jan 21, 2019 2:40 pm

Dear all,

We are facing a huge problem with our OpenVPN solution. Our ca.crt has expired this weekend.

After reading a lot this morning we managed to recreate a new ca.crt with same Modulus as the old one. But still the way to go seems to be to copy that new ca.crt to ALL the clients.

Our projects do not allow this easily, because they are worldwide, difficult access, etc

Can anyone thing of any possibility, ANY, which might avoid have to connect to all of them? We are open to lack security for a while until fix it pemanently (yes, lacking security is not in consonance with VPN... but, you know, desperate times...)

Thanks in advance

er4z0r
OpenVpn Newbie
Posts: 3
Joined: Fri May 24, 2019 6:38 am

Re: CA expired - seeking how avoiding connect to each client

Post by er4z0r » Fri May 24, 2019 6:42 am

Hi,

I ran into the same problem last week. Got any fixes?

The solution from viewtopic.php?t=18671 didn't work for me.
Maybe it's because the new ca.crt hast a key-size of 2048?

Post Reply