WARNING: Your certificate has expired!

kylemanna / docker-openvpn

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA

https://hub.docker.com/r/kylemanna/openvpn/

MIT License

8.62k stars 2.37k forks source link

WARNING: Your certificate has expired! #704

Open VictorKrasnov opened 2 years ago

VictorKrasnov commented 2 years ago

How to recreate server certificate?

VictorKrasnov commented 2 years ago

I've recreated everything. But I can't retrieve new keys:

docker-compose run --rm openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn

The result of this command is empty file...

guysoft commented 12 months ago

It says here that you can renew the certificate and then it should work again. Any idea what commands that should be in the context of the docker container? https://forums.openvpn.net/viewtopic.php?t=34389

guysoft commented 12 months ago

Ok, managed to find the commands here: https://github.com/angristan/openvpn-install/issues/1002

They need to be adapted to work on the docker container.

Something along the lines of:

mv /etc/openvpn//pki/reqs/your-host-name.com.req your-host-name.com.req.backup
mv /etc/openvpn//pki/private/your-host-name.com.key your-host-name.com.key.backup
mv /etc/openvpn//pki/issued/your-host-name.com.crt your-host-name.com.crt.backup
mv /etc/openvpn/your-host-name.com.crt your-host-name.com.crt.backup
mv /etc/openvpn/your-host-name.com.key your-host-name.com.key.backup

cd /etc/openvpn
easyrsa build-server-full your-host-name.com nopass
cp /etc/openvpn/pki/issued/your-host-name.com.crt /etc/openvpn
cp /etc/openvpn//pki/private/your-host-name.com.key /etc/openvpn

lmovse commented 11 months ago

Ok, managed to find the commands here: angristan/openvpn-install#1002

They need to be adapted to work on the docker container.

Something along the lines of:

mv /etc/openvpn//pki/reqs/your-host-name.com.req your-host-name.com.req.backup
mv /etc/openvpn//pki/private/your-host-name.com.key your-host-name.com.key.backup
mv /etc/openvpn//pki/issued/your-host-name.com.crt your-host-name.com.crt.backup
mv /etc/openvpn/your-host-name.com.crt your-host-name.com.crt.backup
mv /etc/openvpn/your-host-name.com.key your-host-name.com.key.backup

cd /etc/openvpn
easyrsa build-server-full your-host-name.com nopass
cp /etc/openvpn/pki/issued/your-host-name.com.crt /etc/openvpn
cp /etc/openvpn//pki/private/your-host-name.com.key /etc/openvpn

Tks!! it worked for me.

lmovse commented 11 months ago

the latest docker version is easy to renew certificate, command like blow:

mv /etc/openvpn/pki/reqs/your-host-name.com.req your-host-name.com.req.backup
mv /etc/openvpn/pki/private/your-host-name.com.key your-host-name.com.key.backup
mv /etc/openvpn/pki/issued/your-host-name.com.crt your-host-name.com.crt.backup

cd /etc/openvpn 
easyrsa build-server-full your-host-name.com nopass

yavitvas commented 10 months ago

it worked for me thanks