good morning
I am starting a server, and I have several doubts.
1. If I want that there is no communication between the clients, is it enough to not put the client-to + client? Is there any way that an ip (administrator) can communicate?
2. The maximum validity of the certificate is 10 years if I am not mistaken. After those 10 years can I renew it without having to access all the clients?
Thank you very much for the help!
Greetings!
Client-to-client option and renew certificate.
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Mon Nov 23, 2020 9:22 am
-
- OpenVPN Expert
- Posts: 685
- Joined: Tue May 01, 2012 9:30 pm
Re: Client-to-client option and renew certificate.
You can use iptables to make it work as you like.
You can use XCA to create certificate with can set over 100 years so don't need renew certificate any more.
The Easy RSA help you first 10 years and when it is at the end 10 years you must connect to all clients and replace with new one that is land you big trouble. How can you replate remote client?
As certificate concern you can going to sub forum and learn how it is when certificate expire.
You can use XCA to create certificate with can set over 100 years so don't need renew certificate any more.
The Easy RSA help you first 10 years and when it is at the end 10 years you must connect to all clients and replace with new one that is land you big trouble. How can you replate remote client?
As certificate concern you can going to sub forum and learn how it is when certificate expire.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Mon Nov 23, 2020 9:22 am
Re: Client-to-client option and renew certificate.
Thank you very much for the answer, I am going to read about the certificates and the ip tables.
Thanks
Thanks