How to handle expired OpenVPN Client/Server Certificates
-
I am just wondering what I should be doing with expired certificates? I have been creating Server/Client certificates with a 1 year expiry, and when they expire I have just been generating new certificates. So far I haven't deleted any certificates form the Certificate Manager.
Is there a practical way to extend the expiry date for another year, or is it better to just create new certificates?
Is that the right thing to do? Do I need to revoke the expired certificates, or should I just be deleting them? AFAIK then certificates have not been compromised in any way. (Unless my phone has been hacked and they have been exfiltrated, but I have seen no hint of that.)
-
At the moment all you can do is make new ones. Since the old ones have expired and are invalid, you can safely delete them.