Hello! Thank you for answer.
09.04.2014 16:33, Timothe Litt пишет: > > c) What you do is create your new CA certificate, and add it to the > Trusted CAs file (or directory) that you distribute. > Thank you, this is good idea. As I wrote before I have no experience using certificates, only easyrsa. Could you, or someone else help me and provide step-by-step guide how can I do this, i.e. add new CA and sign new certificates with it while having old CA inplace? > You want the valid-from date to be before the old CA expires, so you > can start issuing and using new client certificates. This allows a > smooth roll-over from the old to the new certificates. Not a problem- I create 1 year certificates for users, and expiration time is more then a year now. > > > This is necessarily a brief summary of complex issue. I hope it puts > you on the right track. > Yes, thank you, this is good theoretical explanation. All I need now are practical examples :-) I understand that can be like reading mans for me for far more expirienced... :-( Hope somebody already implemented this and can share... Thank you! ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
