easy-rsa icon indicating copy to clipboard operation
easy-rsa copied to clipboard

Published 20 hours ago verified publisher icon OpenVPN

Renew CA

Open TinCanTech opened this issue 2 years ago • 7 comments

You want to renew your CA and your OpenVPN keeps on working.

This is not possible.

All of your clients require the renewed CA certificate.

The renewed CA certificate MUST be forwarded to your clients, there is no alternative.

Source: https://github.com/OpenVPN/easy-rsa/issues/379#issuecomment-1294722949

Linked-to: https://github.com/OpenVPN/easy-rsa/issues/609#issuecomment-1465464705

Even after considering this absolute fact, EasyRSA has the option to offer a minor, secure shortcut.

The question:

  • Is renewing a CA any different to building a new CA ?

Can EasyRSA make renewing your old CA easy and Secure ?

Maybe ...

TinCanTech avatar Apr 12 '23 03:04 TinCanTech