The CA cert for one of our clients expired over the weekend. We have generated a new CA cert (expires in ten years), but are having to create new client certs for 100+ users. In the limited time we had to troubleshoot this before we *had* to get a number of key sites back up and running, we could not find anything on being able to avoid doing what we are currently doing.
I figure we can't be the only ones with a (relatively) large base of users using OpenVPN, so I am wondering if there is indeed a better way, and if so, what was done to avoid the "mess" we are currently in.
Thaks for your input!
-SilkBC