Hi
On Thu, Jul 22, 2021 at 9:10 PM Joe Patterson
wrote:
> Or, make a new ca.crt file with both the old and new ca certs, no
> cross-signing required. Deploy to server, then to clients, so that
> both server and clients trust both CA's. Then update the client certs
> one by one to the new CA. Th
Or, make a new ca.crt file with both the old and new ca certs, no
cross-signing required. Deploy to server, then to clients, so that
both server and clients trust both CA's. Then update the client certs
one by one to the new CA. Then update the server cert to the new CA.
Then deploy a ca.crt with
Hi,
On Thu, Jul 22, 2021 at 3:40 AM Ralf Hildebrandt <
ralf.hildebra...@charite.de> wrote:
> * Bo Berglund :
> > On Wed, 21 Jul 2021 10:57:50 +0200, Ralf Hildebrandt
> > wrote:
> >
> > >But how do I do this? Can I make openvpn accept client certificates
> > >from two CAs (the old and the new one
Any idea if we can change the plugin call behavior?
On Mon, Jul 12, 2021 at 12:24 PM Duarte Rocha wrote:
>
> On Mon, Jul 12, 2021 at 12:17 PM Duarte Rocha wrote:
> >
> > > On Fri, Jul 9, 2021 at 7:35 PM Gert Doering wrote:
> > >
> > > Hi,
> > >
> > > On Fri, Jul 09, 2021 at 06:17:14PM +0100, Du
* Bo Berglund :
> On Wed, 21 Jul 2021 10:57:50 +0200, Ralf Hildebrandt
> wrote:
>
> >But how do I do this? Can I make openvpn accept client certificates
> >from two CAs (the old and the new one)?
>
> Why using a new certificate?
I need a new CA due to the german BSI crypto regulations (RSA 2048
On Wed, 21 Jul 2021 10:57:50 +0200, Ralf Hildebrandt
wrote:
>But how do I do this? Can I make openvpn accept client certificates
>from two CAs (the old and the new one)?
Why using a new certificate?
If you copy the files specified in the server.conf file on the old server to the
new server and u
