How Extend CA's on OpenVPN
-
Hi Guys,
My OpenVPN user complaints they can't connect to VPN upon checking i notice the CA is expired 10 AUg 2021, I would to ask if there's a way to extend the CA's validity?
My pfsense is still running on 2.3.5 p2.
Thanks,
A -
https://docs.netgate.com/pfsense/en/latest/certificates/renew.html - I don't see any renew button on my instance i'm NOT sure if it is because of the version i'm currently using.
-
@albertmiclat said in How Extend CA's on OpenVPN:
I don't see any renew button on my instance i'm NOT sure if it is because of the version i'm currently using.
That's it. The renew function was added in 2.5.
There is no possibilitly to renew a CA certificate in former versions as far as I know. CAs should be initially created with long live time.
You will have to create a new CA and hand out new certs to servers and users.If you have many user certs, maybe it can be a workaround to install a temporary 2.5.2 instance, import the CA, renew the cert and transfer the CA back to your production pfSense. But never done that.
-
Thanks for replying. I created a new CA and generate new client configuration.