<![CDATA[How to handle expired OpenVPN Client/Server Certificates]]>I am just wondering what I should be doing with expired certificates? I have been creating Server/Client certificates with a 1 year expiry, and when they expire I have just been generating new certificates. So far I haven't deleted any certificates form the Certificate Manager.

Is there a practical way to extend the expiry date for another year, or is it better to just create new certificates?

Is that the right thing to do? Do I need to revoke the expired certificates, or should I just be deleting them? AFAIK then certificates have not been compromised in any way. (Unless my phone has been hacked and they have been exfiltrated, but I have seen no hint of that.)

]]>https://forum.netgate.com/topic/144511/how-to-handle-expired-openvpn-client-server-certificatesRSS for NodeMon, 15 Jun 2026 14:29:24 GMTFri, 28 Jun 2019 06:19:20 GMT60<![CDATA[Reply to How to handle expired OpenVPN Client/Server Certificates on Fri, 28 Jun 2019 14:34:41 GMT]]>At the moment all you can do is make new ones. Since the old ones have expired and are invalid, you can safely delete them.

]]>https://forum.netgate.com/post/850784https://forum.netgate.com/post/850784Fri, 28 Jun 2019 14:34:41 GMT