Messages

1

24.1 Legacy Series / Re: Certificate reissue/renewal

« on: April 16, 2024, 02:17:25 pm »

Well actually, I found this one in the feature request https://github.com/opnsense/core/issues/6646

I'll try to create a new feature request that would fulfill the requirements so it doesn't get automatically closed.

2

24.1 Legacy Series / Certificate reissue/renewal

« on: April 16, 2024, 02:15:29 pm »

Hello,

I have configured an OpenVPN instance with clients certificates from a fresh new internal CA. The openvpn server certificate is also generated from that CA.

To my surprise, I was not able to see any controls in the UI to reissue/renew an expired certificate. Moreover, I wasn't able to find anything on the internet apart from this old topic https://forum.opnsense.org/index.php?topic=24900.0

Any advices would be welcome. Perhaps I should open a new feature request? Using `openssl x509 -x509toreq -in old.crt -signkey private.key` and then sign the request is clearly a non-starter, since both certificates (the expired one and the new one) will remain in the long "Certificates" list, with the new one missing the private key...

Thank you.