Hi, On Tue, Apr 08, 2014 at 10:21:34PM -0400, Sumit Dahiya wrote: > Thanks for the information. Ill appreciate any further insight on the > following: - > > 1. Should we uninstall and then re-install the 2.3.3 on all Windows clients? > Or should we install 2.3.3 without uninstalling previous version?
Installing 2.3.2-I004 or 2.3.3 should be good enough.
> 2. Our server is running on Windows as well. So we will need to install
> 2.3.3 on server too, correct?
Right
> 3. Do we need to re-generate all keys/certificates (ca, clients etc.) and
> send them over to all clients after this fix?
Same answer that has been given before - unless you use some sort of
extra authentication (--tls-auth or one-time-password authentication), there
is a chance that someone stole your keys -> re-generate keys+certs is the
most secure approach to it.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgp_d1dJjJ_Wf.pgp
Description: PGP signature
------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
