1
22.7 Legacy Series / Renew an internal certificate authority
« on: April 21, 2023, 12:54:12 pm »
Dear all,
Just a basic question there. I use OPNSense to manage all my internal SSL certificates. My internal certificate authority is going to expire in a couple of weeks and I'm just wondering whether it is possible to renew the existing CA. If a create a new one, I'll need to renew all my SSL certificates within my network.
I think I may avoid this by using the existing CA private key to sign the renewed CA, but I don't know how to do it on OPNSense.
Should I simply create a new CA on an external system, using the current private key for signature?
Cheers,
R.
Just a basic question there. I use OPNSense to manage all my internal SSL certificates. My internal certificate authority is going to expire in a couple of weeks and I'm just wondering whether it is possible to renew the existing CA. If a create a new one, I'll need to renew all my SSL certificates within my network.
I think I may avoid this by using the existing CA private key to sign the renewed CA, but I don't know how to do it on OPNSense.
Should I simply create a new CA on an external system, using the current private key for signature?
Cheers,
R.