Hi Juan, thanks for your answer!
On 18.06.2015 22:33, Juan Pablo wrote:
Certs lasts for the time you decide them to do so, usually 10 years is a good time frame.
Good is a relative measure. I am more of the "fail safe" kind of guy: Forgetting to revoke a certificate if it is not needed any more is more dangerous than forgetting to prolong one. That is why our remote-access-certificates live for about one year.
You can check on the server side the exp date and update them by hand. I dont recall any feature at pfs that warns beforehand.
Checking by hand is what we do now. I was hoping for something more automated :-)
Cheers, -- Philipp Tölke _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
