Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to handle expired OpenVPN Client/Server Certificates

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      guardian Rebel Alliance
      last edited by guardian

      I am just wondering what I should be doing with expired certificates? I have been creating Server/Client certificates with a 1 year expiry, and when they expire I have just been generating new certificates. So far I haven't deleted any certificates form the Certificate Manager.

      Is there a practical way to extend the expiry date for another year, or is it better to just create new certificates?

      Is that the right thing to do? Do I need to revoke the expired certificates, or should I just be deleting them? AFAIK then certificates have not been compromised in any way. (Unless my phone has been hacked and they have been exfiltrated, but I have seen no hint of that.)

      If you find my post useful, please give it a thumbs up!
      pfSense 2.7.2-RELEASE

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        At the moment all you can do is make new ones. Since the old ones have expired and are invalid, you can safely delete them.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.