Lost data

Scripts to manage certificates or generate config files
Post Reply
mrozmiarek
OpenVpn Newbie
Posts: 4
Joined: Tue Jun 25, 2019 11:27 am

Lost data

Post by mrozmiarek » Tue Jun 25, 2019 11:32 am

Hello.

I have a problem, I lost the easy-rsa with the server certificates. Currently, I have no chance recovery tahat. I have file and CA.crt and user cert and key. Is it possible to recover it? :?:

ca /etc/openvpn/easy-rsa/keys/ca.crt # generated keys
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # keep secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem

Please help :(

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6032
Joined: Fri Jun 03, 2016 1:17 pm

Re: Lost data

Post by TinCanTech » Tue Jun 25, 2019 11:41 am

If you have lost your ca.key then start a new PKI from scratch.

mrozmiarek
OpenVpn Newbie
Posts: 4
Joined: Tue Jun 25, 2019 11:27 am

Re: Lost data

Post by mrozmiarek » Tue Jun 25, 2019 12:01 pm

old client can connect to new PKI?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6032
Joined: Fri Jun 03, 2016 1:17 pm

Re: Lost data

Post by TinCanTech » Tue Jun 25, 2019 12:04 pm

If you have lost your ca.key then your PKI is of no further use.

Your current VPN will continue to work but you cannot sign any new certificates.

mrozmiarek
OpenVpn Newbie
Posts: 4
Joined: Tue Jun 25, 2019 11:27 am

Re: Lost data

Post by mrozmiarek » Tue Jun 25, 2019 12:15 pm

OK but I don't have server.crt, server.key and dh1024.pem. So if I generate new PKI and config then old user connected to new VPN Server ?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6032
Joined: Fri Jun 03, 2016 1:17 pm

Re: Lost data

Post by TinCanTech » Tue Jun 25, 2019 12:30 pm

If you make a new PKI with a new server then your client will not be able to connect until the client has a new certificate and copy of the new ca.crt

mrozmiarek
OpenVpn Newbie
Posts: 4
Joined: Tue Jun 25, 2019 11:27 am

Re: Lost data

Post by mrozmiarek » Wed Jun 26, 2019 9:21 am

ok. I have ca.key, how I can restore CA.crt?

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 6032
Joined: Fri Jun 03, 2016 1:17 pm

Re: Lost data

Post by TinCanTech » Wed Jun 26, 2019 2:49 pm

Every client and server using the same PKI has a copy of the ca.crt

Post Reply