Hi All,
My Server and Client Certificates expired this morning at the beginning of the work week. Lol. I had a good laugh. Anyway, I found how to renew them after some searching. I used the commands:
./easyrsa.real renew server nopass
./easyrsa.real renew client nopass
I then copied the new Server and Client certs and keys to the proper locations. Although the users can now log back in, I am curious as to why when I run the command easy-rsa show-expire, I am seeing a SERIAL MISMATCH.
The db_serial shows one serial and the cert serial is different. Do I need to update the db? How do I do that? Any help is appreciated as so far, I haven't been able to find that info.
Serial Mismatch
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Jul 06, 2023 9:12 pm
Re: Serial Mismatch
Hi All, After more searching, I am realizing that the index file still has the serial for the old server and client certificates. Is there a built in utility or some other means to update this file? I guess I just figured this would have happened automatically after I renewed the certificates. Appreciating any help.