Skip to content

EasyRSA Renewal

Jump to bottom
TinCanTech edited this page Sep 9, 2022 · 13 revisions

renew Why ?

Because a certificate expired but nothing else changed.

renew How ?

  1. Upgrade to EasyRSA Version 3.1.1 - URL Not Available.

  2. Use renew <commonName>

    This will leave two certificate for <commonName>.

  3. Use revoke-renewed <commonName> [reason]

revoke-renewed cannot find certificates for <commonName> ?

If an earlier version of easyrsa has been used to renew a certificate:

  1. Use rewind-renew <serialNumber>

    This will save the files stored by serialNumber back to files named by <commonName>.

  2. Use revoke-renewed <commonName> [reason]

    This will revoke the old certificate, which has been replaced by a new certificate.

renew found an old certificate for <commonName> ?

  1. Use revoke-renewed <commonName> [reason]

Update CRL

See easyrsa help gen-crl

Clone this wiki locally