CA and Server certificates expired
Posted: Mon Jun 29, 2020 11:26 am
Hi all,
I am in same conditions of this topic viewtopic.php?t=18671 but following the thread we are not able to establish the connectivity indeed.
So currently we are in the condition where:
- all CA.cert at client side and server side are expired
- the server.cert is expired
tried to run:
and then replacing this at the server side we are still not able to establsih the connection.
To generate the new server certificate we used:
Can you help me understanding how to proceed to avoid the client CA update and if we are wrong in any of the above command?
Other question, adding this line at the server side
Can we skip the CA authentication in some how at the server side?
Thank you in advance for your support!
I am in same conditions of this topic viewtopic.php?t=18671 but following the thread we are not able to establish the connectivity indeed.
So currently we are in the condition where:
- all CA.cert at client side and server side are expired
- the server.cert is expired
tried to run:
Code: Select all
openssl x509 -in caOld.crt -days 36500 -out caNew.crt -signkey caOld.key
openssl verify -CAfile caNew.crt test.crt
test.crt: OKTo generate the new server certificate we used:
Code: Select all
openssl genrsa -out serverNew.key 2048
openssl req -new -key serverNew.key -out serverNew.csr
openssl x509 -req -in serverNew.csr -CA caNew.crt -CAkey caOld.key -CAcreateserial -out serverNew.crt -days 500 -sha256
Other question, adding this line at the server side
Code: Select all
tls-cipher "DEFAULT:@SECLEVEL=0"Thank you in advance for your support!