I am in same conditions of this topic viewtopic.php?t=18671 but following the thread we are not able to establish the connectivity indeed.
So currently we are in the condition where:
- all CA.cert at client side and server side are expired
- the server.cert is expired
tried to run:
Code: Select all
openssl x509 -in caOld.crt -days 36500 -out caNew.crt -signkey caOld.key
openssl verify -CAfile caNew.crt test.crt
test.crt: OK
To generate the new server certificate we used:
Code: Select all
openssl genrsa -out serverNew.key 2048
openssl req -new -key serverNew.key -out serverNew.csr
openssl x509 -req -in serverNew.csr -CA caNew.crt -CAkey caOld.key -CAcreateserial -out serverNew.crt -days 500 -sha256
Other question, adding this line at the server side
Code: Select all
tls-cipher "DEFAULT:@SECLEVEL=0"
Thank you in advance for your support!