Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How Extend CA's on OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 612 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      albertmiclat
      last edited by

      Hi Guys,

      My OpenVPN user complaints they can't connect to VPN upon checking i notice the CA is expired 10 AUg 2021, I would to ask if there's a way to extend the CA's validity?

      My pfsense is still running on 2.3.5 p2.

      Thanks,
      A

      A 1 Reply Last reply Reply Quote 0
      • A
        albertmiclat @albertmiclat
        last edited by

        @albertmiclat

        https://docs.netgate.com/pfsense/en/latest/certificates/renew.html - I don't see any renew button on my instance i'm NOT sure if it is because of the version i'm currently using.

        V 1 Reply Last reply Reply Quote 0
        • V
          viragomann @albertmiclat
          last edited by

          @albertmiclat said in How Extend CA's on OpenVPN:

          I don't see any renew button on my instance i'm NOT sure if it is because of the version i'm currently using.

          That's it. The renew function was added in 2.5.

          There is no possibilitly to renew a CA certificate in former versions as far as I know. CAs should be initially created with long live time.
          You will have to create a new CA and hand out new certs to servers and users.

          If you have many user certs, maybe it can be a workaround to install a temporary 2.5.2 instance, import the CA, renew the cert and transfer the CA back to your production pfSense. But never done that.

          A 1 Reply Last reply Reply Quote 1
          • A
            albertmiclat @viragomann
            last edited by

            @viragomann

            Thanks for replying. I created a new CA and generate new client configuration.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.