Renewal of CA Certificate with active Client Certificates
-
We have:
- CA for VPN valid until 2022-10-01
- Clients issued by this CA with longer validity, e.g. until 2023-01-10
We tried renewal of the CA Certificate in the web gui with "reuse key" checked, but clients with Client Certificates issued by the old CA Certificate can't connect to the VPN Server anymore, when the new CA Certificate is active.
Is there a way to renew the CA Certificate so that VPN clients issued by the old CA Certificate can still be verified?
-
You'll need an additional fix to also retain the existing serial number of the CA.
-
Thank you so much! That solution worked :)
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.