Page 1 of 1

Client-to-client option and renew certificate.

Posted: Tue Apr 13, 2021 7:05 am
by Atara
good morning

I am starting a server, and I have several doubts.
1. If I want that there is no communication between the clients, is it enough to not put the client-to + client? Is there any way that an ip (administrator) can communicate?
2. The maximum validity of the certificate is 10 years if I am not mistaken. After those 10 years can I renew it without having to access all the clients?

Thank you very much for the help!

Greetings!

Re: Client-to-client option and renew certificate.

Posted: Tue Apr 13, 2021 2:08 pm
by 300000
You can use iptables to make it work as you like.

You can use XCA to create certificate with can set over 100 years so don't need renew certificate any more.

The Easy RSA help you first 10 years and when it is at the end 10 years you must connect to all clients and replace with new one that is land you big trouble. How can you replate remote client?

As certificate concern you can going to sub forum and learn how it is when certificate expire.

Re: Client-to-client option and renew certificate.

Posted: Tue Apr 20, 2021 7:34 am
by Atara
Thank you very much for the answer, I am going to read about the certificates and the ip tables.

Thanks