<\/p>\n\n\n\n
Taken from here:<\/p>\n\n\n\n
https:\/\/buger.dread.cz\/openvpn-expired-certificates.html<\/a><\/p>\n\n\n\n On 18.08.2020<\/p>\n\n\n\n <\/p>\n\n\n\n Thank you man, very useful.<\/p>\n\n\n\n 2018-11-13 00:00 | tags: linux<\/a>vpn<\/a>openvpn<\/a><\/p>\n\n\n\n In case that CA certificate (lets name it ca.crt) gets expired, clients can’t connect to the OpenVPN server anymore. You need to generate new CA certificate signed with the same key (usually named ca.key) as the old one to avoid the need to regenerate all client certificates also.<\/p>\n\n\n\n Use following command to do so:<\/p>\n\n\n\n In case that server certificate gets expired, simply generate new one using easy-rsa scripts:<\/p>\n\n\n\n When client certificate gets expired, you can generate new one using previous .csr file this way:<\/p>\n\n\n\n https:\/\/buger.dread.cz\/openvpn-expired-certificates.html<\/p><\/blockquote>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" Taken from here: https:\/\/buger.dread.cz\/openvpn-expired-certificates.html On 18.08.2020 Thank you man, very useful. OpenVPN – expired certificates 2018-11-13 00:00 | tags: linuxvpnopenvpn Server certificates CA certificate In case that CA certificate (lets name it ca.crt) gets expired, clients can’t connect to the OpenVPN server anymore. You need to generate new CA certificate signed with the same key … <\/p>\nOpenVPN – expired certificates<\/a><\/h1>\n\n\n\n
Server certificates<\/h1>\n\n\n\n
CA certificate<\/h2>\n\n\n\n
openssl x509 -in ca.crt -days 36500 -out ca.crt.new -signkey ca.key\n<\/pre>\n\n\n\n
Server certificate<\/h2>\n\n\n\n
. vars\n.\/buid-key-server server\n<\/pre>\n\n\n\n
Client certificate(s)<\/h1>\n\n\n\n
. vars\n.\/sign-req <certificate-name>\n<\/pre>\n\n\n\n